Search This Blog

Thursday, March 12, 2009

HP OpenSSH vulnerability

HP OpenSSH (from HP Proliant pack, HP SIM)comes with C:\Program Files\OpenSSH\bin\cygwin1.dll version 1.5.4
This version is vulnerable according to http://www.nessus.org/plugins/index.php?view=single&id=28330.

to fix it download HP IS 3.0 DVD where you will get cygwin1.dll version 1.5.25.
http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=ISDVD&jumpid=reg_R1002_USEN

No comments: