Mandrake Linux Security Advisory : openssh (MDKSA-2002:019)
Critical Nessus Plugin ID 13927
SynopsisThe remote Mandrake Linux host is missing one or more security updates.
DescriptionJoost Pol found a bug in the channel code of all versions of OpenSSH from 2.0 to 3.0.2. This bug can allow authenticated users with an existing account on the vulnerable system to obtain root privilege or by a malicious server attacking a vulnerable client. OpenSSH 3.1 is not vulnerable to this problem. The provided packages fix this vulnerability.
SolutionUpdate the affected packages.