[ale] ssh remote root exploit :-(
David Bronson
dbron at roman.net
Tue Jun 25 13:20:13 EDT 2002
Hi Dow,
FWIW, I am convinced of the authenticity.
I think privatesep is only supported in 3.3.
#debian on openprojects is a good source for Debian information. Woody
and Potato now have *ick* patches. Unfortunately, the patches really
don't fix the issue; they just supposedly limit the impact.
I don't follow other distros closely so I can't be much help there.
DB
-----Original Message-----
From: Dow Hurst [mailto:dhurst at kennesaw.edu]
To: ale at ale.org
Sent: Tuesday, June 25, 2002 12:45 PM
To: dbron at roman.net; ale at ale.org
Subject: Re: [ale] ssh remote root exploit :-(
This is a big deal if true. How do I check out if privsep is possible
on my installation? This bug should hit Bugtraq very soon, right?
Dow
David Bronson wrote:
>http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102495293705094&q=ra
w
>
>---
>This message has been sent through the ALE general discussion list.
>See http://www.ale.org/mailing-lists.shtml for more info. Problems
should be
>sent to listmaster at ale dot org.
>
>
>
>
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems
should be
sent to listmaster at ale dot org.
---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.
More information about the Ale
mailing list