Recent breakins / SSHD root hole?
Kris Kennaway
kris at obsecurity.org
Sun Jun 3 07:31:53 EST 2001
On Sat, Jun 02, 2001 at 02:26:38AM -0700, nuuB wrote:
> Trojaned ssh clients is nothing new. But what about this "weakness" in the
> daemon that was used to gain root privileges? What is it about? Has it been
> fixed in later versions? Is it remotely exploitable (doesn't sound likely, as
> then the cracker wouldn't have had gone through the trouble to sniff a valid
> password on sourceforge - unless this particular hole requires a valid
> user/pasword pair).
>
> Basically what I'd like to know is: What version of the OpenSSH daemon would I
> need to run in order NOT to be vulnerable to this "weakness"?
Sounds like
ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:30.openssh.asc
Kris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 230 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010602/fd5ed982/attachment.bin
More information about the openssh-unix-dev
mailing list