From owner-freebsd-security Wed Jun 26 18: 3:38 2002 Delivered-To: freebsd-security@freebsd.org Received: from postoffice.aims.com.au (eth0.lnk.aims.com.au [203.31.73.253]) by hub.freebsd.org (Postfix) with ESMTP id 0546037C630 for ; Wed, 26 Jun 2002 16:55:41 -0700 (PDT) Received: from postoffice.aims.com.au (nts-ts1.aims.private [192.168.10.2]) by postoffice.aims.com.au with ESMTP id g5QNtdm05962 for ; Thu, 27 Jun 2002 09:55:39 +1000 (EST) (envelope-from chris@aims.com.au) Received: from ntsts1 by aims.com.au with SMTP (MDaemon.v3.5.3.R) for ; Thu, 27 Jun 2002 09:54:59 +1000 Reply-To: From: "Chris Knight" To: Cc: Subject: RE: Wow Date: Thu, 27 Jun 2002 09:54:58 +1000 Message-ID: <012e01c21d6c$e16ce9c0$020aa8c0@aims.private> MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook CWS, Build 9.0.2416 (9.0.2911.0) In-Reply-To: X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700 Importance: Normal X-Return-Path: chris@aims.com.au X-MDaemon-Deliver-To: freebsd-security@FreeBSD.ORG Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Howdy, > -----Original Message----- > From: owner-freebsd-security@FreeBSD.ORG > [mailto:owner-freebsd-security@FreeBSD.ORG]On Behalf Of Robert Watson > Sent: Thursday, 27 June 2002 6:20 > To: Jamie Norwood > Cc: freebsd-security@FreeBSD.ORG > Subject: Re: Wow > > [snip] > > If people want to do something useful, looking for nits in our > integration of the new OpenSSH code in -CURRENT would be useful, as > we're in the process of merging to -STABLE and catching the nits > sooner rather than later would really be preferred. In particular, > looking for any issues with PAM would be useful, and with non-default > authentication types (hardware authentication tokens, kerberos, etc). > Isn't the merge a little bit hasty? According to the advisory, the least intrusive change to -STABLE would be to uncomment the ChallengeResponseAuthentication in /usr/src/crypto/openssh/sshd_config. The PAM issues appear to only be in 2.9.9+. Also, my understanding of the advisory is that the exploit hasn't been fixed - it's just that Privilege Separation will limit the exploit to a chrooted environment with minimal permissions. Please correct me if I'm wrong. > Robert N M Watson FreeBSD Core Team, TrustedBSD Projects > robert@fledge.watson.org Network Associates Laboratories Regards, Chris Knight Systems Administrator AIMS Independent Computer Professionals Tel: +61 3 6334 6664 Fax: +61 3 6331 7032 Mob: +61 419 528 795 Web: http://www.aims.com.au To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message