[ale] ssh remote root exploit :-(
Dow Hurst
dhurst at kennesaw.edu
Tue Jun 25 12:55:23 EDT 2002
I just confirmed that "UsePrivilegeSeparation yes" is not a valid option
for my current OpenSSH:
Knife:/etc/ssh # /etc/ssh/sshd_config: line 8: Bad configuration option:
UsePrivilegeSeparation
/etc/ssh/sshd_config: terminating, 1 bad configuration options
My version is:
OpenSSH_3.0.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f
So you would have to try the latest version and see if it works. This
test was on SuSE 8.0 default OpenSSH install.
Dow
PS. The SSH.org version of SSH is useable by anyone running Linux for
free as far as I understand. The license is different from before when
only academic's could use it for free.
David Bronson wrote:
>http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102495293705094&q=raw
>
>---
>This message has been sent through the ALE general discussion list.
>See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
>sent to listmaster at ale dot org.
>
>
>
>
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list