OSSH Information for VU#419241
Multiple vendor SFTP logging format string vulnerability
- Vendor Information Help Date Notified: 16 Jan 2006
- Statement Date:
- Date Updated: 16 Jan 2006
No statement is currently available from the vendor regarding this vulnerability.
The vendor has not provided us with any further information regarding this vulnerability.
The OSSH author indicates:
I'm quite sure that the now very
old ossh does not include a sftp client or server and that it should
thus not be vulnerable.
Either way ossh is old and obsolete and I don't recommend its use.
If you have feedback, comments, or additional information about this vulnerability, please send us email.