l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
January 6: Social gathering
Next Installfest:
TBD
Latest News:
Nov. 18: Club officer elections
Page last updated:
2003 Jan 06 17:07

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
[vox] [Fwd: Re: [lists@globalintersec.com: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS]]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vox] [Fwd: Re: [lists@globalintersec.com: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS]]



Even if this is a hoax, looking over the list, The PAM option is not
enabled by default from a source based install, and people on-top of
things should have Priv Sep enabled anyway.

(forwarding your inclusion to lugod lists too.)

troy said:
> Don't panic yet...
>
> 	From: Global InterSec Research <lists@globalintersec.com>
> 	As some may have gathered, the advisory recently posted by
> 	mmhs@hushmail.com was indeed a fake, intended to highlight several
> unclear statements made in GIS2002062801.
>
> Enabling UsePrivilegeSeparation is still a good idea though...
> Redhat never provided packages with that capability did they?
>
>
> -ta
>
>
> ----- Forwarded message from Global InterSec Research
> <lists@globalintersec.com> -----
>
> From: Global InterSec Research <lists@globalintersec.com>
> Subject: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
> Date: Mon, 06 Jan 2003 20:05:32 +0000
> Message-Id: <4.2.0.58.20030106192323.02d792e0@193.133.49.25>
> X-Mailer: UNKNOWN
> To: bugtraq@securityfocus.com
> Delivered-To: mailing list bugtraq@securityfocus.com
> Delivered-To: moderator for bugtraq@securityfocus.com
>
>
> As some may have gathered, the advisory recently posted by
> mmhs@hushmail.com  was indeed a fake, intended to highlight several
> unclear statements made in GIS2002062801.
>
> The advisory in question is currently being updated with more detailed
> information and will be  re-posted at:
> http://www.globalintersec.com/adv/openssh-2002062801.txt as soon as it
> becomes  available.
>
> Note that the kbd-init flaw described in GIS2002062801 was proven to
> be exploitable in our lab although not all evidence to demonstrate
> this was provided in the original advisory. A mistake was made in the
> original advisory draft, where chunk content data was shown, rather
> than the entire corrupted malloc chunk. This will be amended in the
> revision.
>
> Also note that to our knowledge there are currently no known,
> exploitable flaws in OpenSSH 3.5p1,  due to its use of PAM as
> suggested by mmhs@hushmail.com. It is almost certain that the posted
> bogus advisory was also intended to cause alarm amongst communities
> using OpenSSH, through miss-information.
>
>
> Global InterSec LLC.
>
> ----- End forwarded message -----



_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!