Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS

To: Johannes Verelst <johannes@verelst.net>
Cc: debian-security@lists.debian.org
Subject: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
From: Ralf Dreibrodt <rd@mesos.de>
Date: Mon, 06 Jan 2003 20:33:46 +0100
Message-id: <[🔎] 3E19DA1A.E2533044@mesos.de>
References: <[🔎] 663094E307F13E459D80FB7C5A830C10A55483@loire.internal.nextra.hu> <[🔎] 1041879100.8454.22.camel@naboo.verelst.net>

Hi,

Johannes Verelst wrote:
> 
> Summarized, this exploit only works if you have in your sshd_config:
> 
>         PAMAuthenticationViaKbdInt yes
>         UsePrivilegeSeparation no
> 
> The default values for both my unstable and stable debian boxes appear
> to be:
> 
>         PAMAuthenticationViaKbdInt no
>         UsePrivilegeSeparation yes

potato box, installed potato:
PAMAuthenticationViaKbdInt yes
#UsePrivilegeSeparation yes

woody box, installed potato&upgraded:
PAMAuthenticationViaKbdInt yes
#UsePrivilegeSeparation yes

woody box, installed woody:
PAMAuthenticationViaKbdInt no
UsePrivilegeSeparation yes

But i think i am also not vulnerable because privsep is default since
3.3.

Regards,
Ralf Dreibrodt

Reply to:

References:
- OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
  - From: "Domonkos Czinke" <domonkos.czinke@nextra.hu>
- Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
  - From: Johannes Verelst <johannes@verelst.net>

Prev by Date: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
Next by Date: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
Previous by thread: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
Next by thread: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
Index(es):
- Date
- Thread