US-CERT
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric

 Other Documents
Technical Alerts

Technical Bulletins

Alerts

Security Tips

Guardian Digital Inc. Information for VU#369347

Date Notified:2002-06-24
Date Updated:
Statement Date:
Status Summary:Vulnerable

Vendor Statement

Guardian Digital ships OpenSSH in all versions of EnGarde Secure Linux. Version 3.3p1 was introduced by ESA-20020625-015 on June 25, 2002. This update introduces privilege separation. All users are strongly urged to upgrade to this version as soon as possible.

An upgrade to version 3.4p1 (which properly fixes the bugs) will be made available sometime in the next few days.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

Engarde Secure Linux has published a security advisory on this topic:

If you have feedback, comments, or additional information about this vulnerability, please send us email.
 

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information