Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
On Mon, 2003-01-06 at 18:44, Domonkos Czinke wrote:
> FYI
Note:
> > Before the SSH server is actually executed, the sshd_config file should
> > be modified in order to enable PAM ("PAMAuthenticationViaKbdInt yes").
and
> > "you can prevent privilege escalation if you enable
> > UsePrivilegeSeparation in sshd_config."
Summarized, this exploit only works if you have in your sshd_config:
PAMAuthenticationViaKbdInt yes
UsePrivilegeSeparation no
The default values for both my unstable and stable debian boxes appear
to be:
PAMAuthenticationViaKbdInt no
UsePrivilegeSeparation yes
(according to both manpage and the files themselves)
This means that, if you haven't modified your default sshd installation,
you are safe from this vulnerability.
Kind regards,
Johannes Verelst
--
jverelst@cs.uu.nl | It is always possible to aglutenate multiple
johannes@verelst.net | seperate problems into a single complex inter-
johannes.verelst@eo.nl | dependent solution. In most cases this is a
PGP ID: 0xFED127BD | bad idea. (RFC 1925, Truth 5)
http://www.verelst.net |
Reply to: