Updated:  June 13, 2001

Status

Affected

Vendor Statement

"There is a bug in SSH-1.2.30 involving Secure RPC. The patch for this is available at http://www.ssh.com/patches.html .... The SSH1 protocol is not formally supported by SSH Communications Security. However, as a service to the user community, we offer this patch as a potential way of addressing SSH1 related issues."

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.

Notified:  April 23, 2001 Updated: June 07, 2001

Status

Affected

Vendor Statement

"This is beyond the intended use of Secure RPC and is not endorsed or in any way supported by Sun."

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Addendum

The CERT/CC has no additional comments at this time.