Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sources.redhat.com/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sources.redhat.com/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com
Message-ID: <C6B07A19E9C78D47B4613C7A46FE91AE024C6606@i2km04-ukbr.domain1.systemhost.net>
From: jim DOT a DOT davidson AT bt DOT com
To: cygwin AT cygwin DOT com
Subject: cygwin1.dll
Date: Fri, 24 Jan 2003 12:14:35 -0000
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"

Sirs,
We are proposing to use the Red Hat OpenSSH package on our NT/W2K servers
but some concerns
have been raised re. the Cygwin1.dll shared memory vulnerability.
As the only Cygwin application running on these machines will be OpenSSH I
am not sure how
significant a risk may exist.
Can you please explain how this vulnerabilty could be exploited so that we
can determine
what if any counter measures we could deploy.
Thanks.

> Best Regards
> Jim 
> 		_______________________________________________
> 		BTcd  Computing Partners
> 		Intelligent Systems Management               
> 
> 	     _______________________________________________
 

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/