GHUG_105220
Feb 04, 2011Nimbostratus
OpenSSH Version upgrade on BIGIP LTM
We had an external auditors come in and they alarmed us about a OpenSSH X11 Forward Session Hijacking vulerability that was present on our production LTM's. This issue is documented here: http://www.nessus.org/plugins/index...e&id=31737 What I did was upgrade to the latest BIGIP software version 10.2.1.297 and it still has an older version of OpenSSH: version OpenSSH_4.3p2 which still looks to be vulnerable to this exploit. Is there a way to just upgrade OpenSSH independantly so we can install the OpenSSH v5.0 or above to resolve this?
Thanks,
Greg