System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Vulunrability SshTransportMultipleBo patch for 5.1B?

Qing Zhu
Advisor

Vulunrability SshTransportMultipleBo patch for 5.1B?

Hi,
A contractor did a security scan on my company's tru64 boxes, and found this "SshTransportMultipleBo" vulunrablity as high risk.
My systems are runing 5.1b with patch kit 3 or 4. I tried to find patch for this on this website but no success. Can anyone kindly piont me to a link or something to it?

Many thanks,
Qing
2 REPLIES
Vladimir Fabecic
Honored Contributor

Re: Vulunrability SshTransportMultipleBo patch for 5.1B?

Here is URL where you can download PK5 and PK6 for 5.1B
ftp://ftp.itrc.hp.com/patch_bundles/tru64/5.1X/
Download patch kits and list patches in them.
In vino veritas, in VMS cluster
Steven Schweda
Honored Contributor

Re: Vulunrability SshTransportMultipleBo patch for 5.1B?

A Google search for:
SshTransportMultipleBo
led to:

http://www.cert.org/advisories/CA-2002-36.html

which says:

HP Tru64 UNIX V5.1a or HP OpenVMS systems using SSH V2.4.1 should upgrade to SSH V3.2.

2002 is pretty old. On my system (V5.1B with Patch Kit 6):

urtx# ssh -V
ssh: SSH Secure Shell Tru64 UNIX 3.2.0

(It's similar for /usr/sbin/sshd2.)

Are you sure that the problem really exists?