[luau] Local Root Hole in OpenSSH
MonMotha
monmotha at indy.rr.com
Thu Mar 7 20:17:54 PST 2002
Does redhat 6.2 use PAM? If it doesn't I can statically link you a copy
that should run no matter what.
--MonMotha
Steve Anderson wrote:
> Yeah, I think it applies to all OpenSSH prior to 3.1. I was able to upgrade
> our RedHat 7.1 and Solaris machines with the portable 3.1 source. But the
> same source fails on RedHat 6.2. Our OpenBSD 2.8 machine also failed during
> the build process for the regular OpenSSH. I found others with the same
> problems on Google, and the patch for OpenBSD 2.8 was supposed to have been
> fixed. But the updated 2.8 patch had not made it to the download sites yet,
> so I turned off SSH on the 2.8 machine. I also turned off SSH on the Red Hat
> 6.2 machines, and will wait to see what Red Hat comes out with. If anyone is
> still running Red Hat 6.2 and gets OpenSSH 3.1p to build on 6.2, please let
> me know.
>
> Steve Anderson
>
> On Thursday 07 March 2002 12:11 pm, you wrote:
>
>>Someone found a hole in OpenSSH.
>>
>>Info at: http://www.pine.nl/advisories/pine-cert-20020301.html
>>
>>Everyone should probably upgrade their OpenSSHs about now. I'm guessing
>>that OpenBSD is also vulnerable (doesn't say only the portable versions).
>>
>>--MonMotha
>>
>>_______________________________________________
>>LUAU mailing list
>>LUAU at videl.ics.hawaii.edu
>>http://videl.ics.hawaii.edu/mailman/listinfo/luau
>>
> _______________________________________________
> LUAU mailing list
> LUAU at videl.ics.hawaii.edu
> http://videl.ics.hawaii.edu/mailman/listinfo/luau
>
>
More information about the LUAU
mailing list