Re: No vulnerability known in SSH-1.2.26

Ben Laurie (ben@algroup.co.uk)
Tue, 03 Nov 1998 10:49:17 +0000

• Next message: tony@secapl.com: "Re: No vulnerability known in SSH-1.2.26"
• Previous message: acpizer@mach.unseen.org: "Re: No vulnerability known in SSH-1.2.26"
• In reply to: Anonymous: "Re: No vulnerability known in SSH-1.2.26"

Anonymous wrote:
> If you think it's worth checking, just compare hashes of those binaries
> (or, if you're ultra-paranoid, actual binaries) which should be identical.

Hashes of nominally identical binaries tend not to match because of
uninitialised regions containing pseudo-random stuff.

Cheers,

Ben.

-- 
Ben Laurie            |Phone: +44 (181) 735 0686| Apache Group member
Freelance Consultant  |Fax:   +44 (181) 735 0689|http://www.apache.org/
and Technical Director|Email: ben@algroup.co.uk |
A.L. Digital Ltd,     |Apache-SSL author     http://www.apache-ssl.org/
London, England.      |"Apache: TDG" http://www.ora.com/catalog/apache/

• Next message: tony@secapl.com: "Re: No vulnerability known in SSH-1.2.26"
• Previous message: acpizer@mach.unseen.org: "Re: No vulnerability known in SSH-1.2.26"
• In reply to: Anonymous: "Re: No vulnerability known in SSH-1.2.26"