https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871680#M739178 Hi Thomas, <BR /><BR />Latest version for Secure shell available from HP is, A.04.30.014. It should fix the security hole. <BR /><BR />And, there is no downtime required to install Secure shell. Older SSH connection will remain the same untill reconnected. <BR /><BR /><BR />URL : <A href="http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA" target="_blank">http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA</A><BR /><BR />-Arun Thu, 28 Sep 2006 10:42:09 GMT Arunvijai_4 2006-09-28T10:42:09Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871679#M739177 we have this note from security...<BR />OpenSSH GSSAPI Credential Disclosure Vulnerability <BR /><BR /> 156.99.4.5 (-, -) port 22/tcp HP-UX 11 CVSS: - Active <BR /><BR />SOLUTION:<BR />This issue affects versions of OpenSSH prior to 4.2. The vendor released OpenSSH version 4.2 to address this issue. <BR /><BR />so will the upgrade help, if so what would be the steps and would it require a downtime as this is a prod box. Also if i upgrade will it fix this issue?<BR /><BR />Please advise<BR /><BR />Thanks<BR /><BR />Thomas Thu, 28 Sep 2006 10:38:15 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871679#M739177 M.Thomas 2006-09-28T10:38:15Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871680#M739178 Hi Thomas, <BR /><BR />Latest version for Secure shell available from HP is, A.04.30.014. It should fix the security hole. <BR /><BR />And, there is no downtime required to install Secure shell. Older SSH connection will remain the same untill reconnected. <BR /><BR /><BR />URL : <A href="http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA" target="_blank">http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=T1471AA</A><BR /><BR />-Arun Thu, 28 Sep 2006 10:42:09 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871680#M739178 Arunvijai_4 2006-09-28T10:42:09Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871681#M739179 Arun:<BR /><BR />so just swinstall the new depot file and we are done. nothing to change? that sounds so simple. please confirm, this is a production box<BR /><BR />Thanks<BR /><BR />Thomas Thu, 28 Sep 2006 11:02:01 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871681#M739179 M.Thomas 2006-09-28T11:02:01Z https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871682#M739180 Hi Thomas, <BR /><BR />Yes, Just swinstall will be fine. It is better you go through the release notes for secure shell, <BR /><BR /><A href="http://docs.hp.com/en/internet.html#Secure%20Shell" target="_blank">http://docs.hp.com/en/internet.html#Secure%20Shell</A><BR /><BR />-Arun Thu, 28 Sep 2006 11:14:20 GMT https://community.hpe.com/t5/operating-system-hp-ux/ssh-vulneribility/m-p/3871682#M739180 Arunvijai_4 2006-09-28T11:14:20Z