thr3ads.net - openssh unix dev - Info on OpenSSH lastest vuln. ? [Jun 2002]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Laurent Papier

2002-Jun-25 07:53 UTC

Info on OpenSSH lastest vuln. ?

Hi,
it seems that there is a vulnerability in OpenSSH including version 3.3. Using
privilege separation do not fix the problem but fail the intruder in the chroot
of the sshd daemon. The OpenBSD team announce that they will release a new
version 3.4 on monday that fix the vulnerability.

Will a new version of portable OpenSSH be also release on monday ? Or could we
already upgrade to v3.3 and activate the privilege separation.

-- 
Laurent Papier - Sys. Admin

Seemingly Similar Threads

Pb with ssl_disable in 1.0RC6
IMAP/POP3 proxying and capability
dovecot 1.1.rc4 -> 1.0.10 : Recent counter wrong
problem in rc15 (proxy mode)
Skey with OpenSSH 2.2.0

Search for more apparently analagous threads

openssh unix dev - Jun 2002 - Info on OpenSSH lastest vuln. ?

Info on OpenSSH lastest vuln. ?

Seemingly Similar Threads

Wisdom of the Ancients