Re: [fwd] SSH allows deletion of other users files...

From: Rob Simmons (rsimmons@wlcg.com)
Date: 06/08/01

• Next message: Lyndon Nerenberg: "Re: /bin/rmail (was: root & toor)"
• Previous message: Gerhard Sittig: "Re: Encrypted passwords"
• In reply to: Neil Blakey-Milner: "Re: [fwd] SSH allows deletion of other users files..."
• Next in thread: Peter Pentchev: "Re: [fwd] SSH allows deletion of other users files..."
• Reply: Peter Pentchev: "Re: [fwd] SSH allows deletion of other users files..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 8 Jun 2001 15:27:58 -0400 (EDT)
From: Rob Simmons <rsimmons@wlcg.com>
To: Neil Blakey-Milner <nbm@mithrandr.moria.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

With X forwarding on in /etc/ssh/sshd_config:
X11Forwarding yes

and using
ssh -X <user>@<host>

I don't see any ssh files in /tmp. Does this bug apply to FreeBSD's
version of OpenSSH?

Robert Simmons
Systems Administrator
http://www.wlcg.com/

On Wed, 6 Jun 2001, Neil Blakey-Milner wrote:

> On Wed 2001-06-06 (12:48), Andreas Haugsnes wrote:
> > I've tested it with FreeBSD 4.3, and I have not found this bug
> > to apply.
>
> Are you using X forwarding? (ie, ssh -X)
>
> Neil
> --
> Neil Blakey-Milner
> nbm@mithrandr.moria.org
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7ISdCv8Bofna59hYRA3H3AJ9yEm89HCI3aLt4NLBYSYuTtRq60ACgswIX
lJdsT92Q7wG/fNSaLsl5/hU=
=pSge
-----END PGP SIGNATURE-----

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

---

• Next message: Lyndon Nerenberg: "Re: /bin/rmail (was: root & toor)"
• Previous message: Gerhard Sittig: "Re: Encrypted passwords"
• In reply to: Neil Blakey-Milner: "Re: [fwd] SSH allows deletion of other users files..."
• Next in thread: Peter Pentchev: "Re: [fwd] SSH allows deletion of other users files..."
• Reply: Peter Pentchev: "Re: [fwd] SSH allows deletion of other users files..."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Problems with SSH and Subversion over SSH/HTTPS ... I'm using a FreeBSD 7.1-RELEASE-p2 server running on AMD64, serving ssh and https, with various Mac OS X and Windows clients. ... This is notable to me because when I was running other operating systems on the same box, which I could of course make my connection fail if I ran pathological tests, the difference was like night and day. ... (freebsd-questions) FreeBSD Security Advisory FreeBSD-SA-02:31.openssh ... SSH clients and servers communicate by exchanging discrete messages ... server to overwrite portions of its memory with client-provided data. ... No correction details are provided in this advisory. ... Version: GnuPG v1.0.7 (FreeBSD) ... (FreeBSD-Security) Re: FreeBSD, SSH and "Enter Authentication Response" ... Matthew: Your suggestion worked beautifully. ... standard with FreeBSD 5.1-RELEASE. ... > SSH client software and the OpenSSH server code on FreeBSD. ... (freebsd-questions) Re: Pasting via ssh causes data loss ... sftp of the file to the remote and ... I then opened an ssh session to a FreeBSD ... errors shown on the interface of the server? ... (freebsd-questions) FreeBSD, SSH and "Enter Authentication Response" ... I'm using a minimal FreeBSD install and SSH Secure Shell client ... A window is displayed with "Enter Authentication Response" ... This is the window I normally see when I login to other *nix servers ... (freebsd-questions)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Mailing-Lists  > FreeBSD-Security  > 2001-06