Nessus reports against a 2.0_RC4 box that is is running a
 	version of OpenSSH older than 3.7.1 which is vulnerable
 	against a buffer exploit.

 	AFAIK the 3.6.1 intree has been be patched for this. Nessus
 	has an option to map versions. Can someone confirm which
 	OpenSSH version (exploitwise) corresponds to
 	NetBSD_Secure_Shell-20030917, would it be OpenSSH_3.7.1p2 ?

-- 
 			   David Brownlee -- abs@absd.org