Re: [SECURITY] [DSA-134-2] Unknown OpenSSH remote vulnerability
Wichert Akkerman <wichert@wiggy.net> writes:
> ------------------------------------------------------------------------
> Debian Security Advisory DSA-134-2 security@debian.org
> http://www.debian.org/security/ Wichert Akkerman
> June 25, 2002
> ------------------------------------------------------------------------
>
>
> Package : ssh
> Problem type : remote exploit
> Debian-specific: no
Has anyone applied this update yet? I did so on a potato box, enabled
priv separation in the sshd config file and restarted sshd. I saw
that a user called sshd was created. However, when I ssh'ed in, I
didn't see any processes owned by sshd. In fact, the ssh daemon
process was still owned by root.
Anybody have any thoughts on this? Does priv sep work in potato?
--
--Kruskal
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: