l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
December 2: Social Gathering 		Next Installfest:
TBA 		Latest News:
Nov. 18: Officers elected 		Page last updated:
2003 Jan 06 13:34
Events
 Meetings
 Installfests
 Demos
 Photos
Services
 Library
 LERT
 Jobs
 Documents
Interact
 Mailing Lists
 - Search
 - Archives
 Chat (IRC)
 Social Networks
About Us
 Members
 Projects
 Testimonials
 Call for Speakers
 Why Not MS?
 Finances
 Sponsors

^Home
?Search
?News & RSS
?Calendar
@Contact Us
$Buy Stuff
=Printable


The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

 Report this post as spam:

(Enter your email address)
[vox] [fwd] Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] [fwd] Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS

----- Forwarded message from troy <fryman@sonic.net> -----

Date: Mon, 6 Jan 2003 13:16:32 -0800
From: troy <fryman@sonic.net>
Subject: [lists@globalintersec.com: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS]
To: talk@nblug.org
Reply-To: <talk@nblug.org>

Don't panic yet...  

	From: Global InterSec Research <lists@globalintersec.com>
	As some may have gathered, the advisory recently posted by
	mmhs@hushmail.com was indeed a fake, intended to highlight several
	unclear statements made in GIS2002062801.

Enabling UsePrivilegeSeparation is still a good idea though...
Redhat never provided packages with that capability did they?


-ta


----- Forwarded message from Global InterSec Research <lists@globalintersec.com> -----

From: Global InterSec Research <lists@globalintersec.com>
Subject: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
Date: Mon, 06 Jan 2003 20:05:32 +0000
Message-Id: <4.2.0.58.20030106192323.02d792e0@193.133.49.25>
X-Mailer: UNKNOWN
To: bugtraq@securityfocus.com
Delivered-To: mailing list bugtraq@securityfocus.com
Delivered-To: moderator for bugtraq@securityfocus.com


As some may have gathered, the advisory recently posted by mmhs@hushmail.com 
was indeed a fake, intended to highlight several unclear statements made in GIS2002062801. 

The advisory in question is currently being updated with more detailed information and will be 
re-posted at: http://www.globalintersec.com/adv/openssh-2002062801.txt as soon as it becomes 
available.

Note that the kbd-init flaw described in GIS2002062801 was proven to be exploitable in our lab
although not all evidence to demonstrate this was provided in the original advisory. A mistake
was made in the original advisory draft, where chunk content data was shown, rather than the
entire corrupted malloc chunk. This will be amended in the revision.

Also note that to our knowledge there are currently no known, exploitable flaws in OpenSSH 3.5p1, 
due to its use of PAM as suggested by mmhs@hushmail.com. It is almost certain that the posted
bogus advisory was also intended to cause alarm amongst communities using OpenSSH, through
miss-information.


Global InterSec LLC.

----- End forwarded message -----

----- End forwarded message -----
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox
LinkedIn
LUGOD Group on LinkedIn 		facebook
LUGOD Group on Facebook

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
1105 Kennedy Place, Suite 1, Davis, CA 95616
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

 Sponsored in part by:
nerdbooks.com
For numerous book donations.