[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] ssh remote root exploit :-(

Subject: [ale] ssh remote root exploit :-(
From: dhurst at kennesaw.edu (Dow Hurst)
Date: Tue, 25 Jun 2002 12:55:23 -0400

I just confirmed that "UsePrivilegeSeparation yes" is not a valid option 
for my current OpenSSH:

Knife:/etc/ssh # /etc/ssh/sshd_config: line 8: Bad configuration option: 
UsePrivilegeSeparation
/etc/ssh/sshd_config: terminating, 1 bad configuration options

My version is:
OpenSSH_3.0.2p1, SSH protocols 1.5/2.0, OpenSSL 0x0090603f

So you would have to try the latest version and see if it works.  This 
test was on SuSE 8.0 default OpenSSH install.
Dow

PS. The SSH.org version of SSH is useable by anyone running Linux for 
free as far as I understand.  The license is different from before when 
only academic's could use it for free.

David Bronson wrote:

>http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=102495293705094&q=raw
>
>---
>This message has been sent through the ALE general discussion list.
>See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
>sent to listmaster at ale dot org.
>
>
>  
>

---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.

Prev by Date: [ale] ssh remote root exploit :-(
Next by Date: [ale] ssh remote root exploit :-(
Previous by thread: [ale] ssh remote root exploit :-(
Next by thread: [ale] ssh remote root exploit :-(
Index(es):
- Date
- Thread