On Mon, Aug 13, 2001 at 05:35:54PM +0100, Greg MATTHEWS wrote:
> hi all...
> 
> confused about whether i have a vulnerable version of ssh... running nessus 
> tells me that it is vulnerable
> 
>     You are running a version of SSH which is 
>     older than version 1.2.32,
>     or a version of OpenSSH which is older than
>     2.3.0.
>    
> admittedly it also thinks i'm running 1.3 but i'm running 1.5.1/sparc. how can 
> i tell for sure what version of ssh came with my installation? if i need to 
> upgrade, what is the process?

telnet localhost 22
and look at the banner

To fix, install the last openssh from pkgsrc.

--
Manuel Bouyer <bouyer@antioche.eu.org>
--