IBM Corporation Information for VU#978316

Vulnerability in OpenSSH daemon (sshd)

Status

Affected

Vendor Statement

The AIX operating system is vulnerable to the issues discussed in CERT Vulnerability Note VU#978316.

openSSH is available for AIX via the Bonus Pack or the Linux Affinity Toolbox.

For more information about the Linux Affinity Toolbox, please see:

http://www-1.ibm.com/servers/aix/products/aixos/linux/download.html

For more information about SSH for the Bonus Pack, please see:

http://oss.software.ibm.com/developerworks/projects/opensshi

Both packages will be updated as information becomes available from OpenSSH.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References

None

Addendum

The CERT/CC has no additional comments at this time.

If you have feedback, comments, or additional information about this vulnerability, please send us email.