Sign up for the Security newsletter

Security flaw in remote computing revealed

Users' passwords bypassed...

By Pia Heikkila on 23 July 2001 15:15

NEWS A security hole has been discovered in Finnish security company SSH's remote access software, according to security bulletin BugTraq. The vulnerability exists in SSH Secure Shell 3.0.0 for Unix, which functions similarly to Telnet by allowing a computer user to log on to a remote device and run a program. SSH reported the vulnerability to BugTraq, and said only user accounts with password fields consisting of two or fewer characters can allow unauthorised access to the system. Janne Saarikko, Secure Shell product manager at SSH, said the security problem only affects small number of systems. "Most companies running their machines on Unix will have more sophisticated access control than just a password," he said. SSH said upgrading to SSH Secure Shell 3.0.0.1 fixes the problem and is available for download from http://www.ssh.com

Post your comment

In order to post a comment you need to be registered and logged in.

You can also log in with Facebook. Log in or create your silicon.com account below

  • Login

Will not be displayed with your comment

By signing up for this service, you indicate that you agree to our Terms and Conditions and have read and understood our Privacy Policy.

Questions about membership? Find the answers in the Membership FAQ

Get silicon.com's daily newsletter

  • Register on silicon.com

    Enter your email to register

Keep in touch with silicon.com

silicon.com newsletters