l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 7: Social gathering
Next Installfest:
TBD
Latest News:
Aug. 18: Discounts to "Velocity" in NY; come to tonight's "Photography" talk
Page last updated:
2003 Jan 06 13:30

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox] Fwd: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] Fwd: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS



See original announcement:
http://online.securityfocus.com/archive/1/305311/2003-01-03/2003-01-09/0

Summary: requires PAM, and enabling of PAM auth in sshd_config

Also a summary from the above URL:

WORK AROUND
  - -----------

  As mentioned in http://www.openssh.com/txt/preauth.adv, and as
  demonstrated by noir in http://www.phrack.org/phrack/60/p60-0x06.txt,
  "you can prevent privilege escalation if you enable
  UsePrivilegeSeparation in sshd_config."



_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
EDGE Tech Corp.
For donating some give-aways for our meetings.