Re: OpenSSH Vulns (new?) Priv seperation
From: John Madden (maddenj@skynet.ie)Date: 06/26/02
- Previous message: Valdis.Kletnieks@vt.edu: "Re: OpenSSH Vulns (new?) Priv seperation"
- In reply to: wirepair: "OpenSSH Vulns (new?) Priv seperation"
- Next in thread: Jose Nazario: "Re: OpenSSH Vulns (new?) Priv seperation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 26 Jun 2002 21:02:02 +0100 From: John Madden <maddenj@skynet.ie> To: vuln-dev@securityfocus.com
This was posted to Bugtraq earlier today.
http://online.securityfocus.com/archive/1/278818/2002-06-23/2002-06-29/0
It's the ISS disclosure of the bug. I've read a few more mails about the
privsep issue and there's very mixed feelings about it. I have it
running with compression turned off on a debian server with kernel
2.2.20 since yesterday morning without any trouble. However, I also came
across a mail on the proftpd list (I think) where someone claimed to
have a root exploit already with this enabled.
Basically, enabling privsep in the config limits the danger of the bug,
but doesn't fix it. If exploited successfully, the attacker will get a
shell which is chrooted and only gives sshd account.
-- Chat ya later,John. -- BOFH excuse #51: Cosmic ray particles crashed through the hard disk platter
- Previous message: Valdis.Kletnieks@vt.edu: "Re: OpenSSH Vulns (new?) Priv seperation"
- In reply to: wirepair: "OpenSSH Vulns (new?) Priv seperation"
- Next in thread: Jose Nazario: "Re: OpenSSH Vulns (new?) Priv seperation"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
