Upcoming OpenSSH Remote Exploit
From: Bernd Eckenfels (ecki-news2002-06@lina.inka.de)Date: 06/25/02
- Next message: gaius.petronius: "Re: "proving" a user received an email (good gosh)"
- Previous message: Dionysio S. Calucci: "Re: security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Bernd Eckenfels <ecki-news2002-06@lina.inka.de> Date: 25 Jun 2002 02:21:16 GMT
Hello,
Theo de Raadt is alerting the Vendors that ISS will publish an remote
exploit for OpenSSH and that 3.3p1 is able to limit the scope of the exploit
due to privsep.
Some vendors like Debian have already reacted and new versions of openssh
available, unfortunatelly the new openssh veriosn does not work pretty wel
with kerberos, pam or linux 2.0/2.2
Read all about it here: http://www.eckes.org/article.php?sid=73
Greetings
Bernd
-- www.eckes.org - Home of a Geek www.freefireorg - The Freefire Project - Firewalling with Open Source
- Next message: gaius.petronius: "Re: "proving" a user received an email (good gosh)"
- Previous message: Dionysio S. Calucci: "Re: security"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
