From owner-freebsd-security Sun Nov 14 12:45:14 1999 Delivered-To: freebsd-security@freebsd.org Received: from sand2.sentex.ca (sand2.sentex.ca [209.167.248.3]) by hub.freebsd.org (Postfix) with ESMTP id DAA93150D9; Sun, 14 Nov 1999 12:45:08 -0800 (PST) (envelope-from mike@sentex.net) Received: from gravel (ospf-mdt.sentex.net [205.211.164.81]) by sand2.sentex.ca (8.8.8/8.8.8) with SMTP id PAA24205; Sun, 14 Nov 1999 15:45:03 -0500 (EST) (envelope-from mike@sentex.net) Message-Id: <4.1.19991114153939.046249a0@granite.sentex.ca> X-Sender: mdtancsa@granite.sentex.ca X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Sun, 14 Nov 1999 15:46:00 -0500 To: Robert Watson From: Mike Tancsa Subject: Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Cc: freebsd-security@freebsd.org, torstenb@freebsd.org In-Reply-To: References: <4.1.19991114000355.04d7f230@granite.sentex.ca> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 01:40 PM 11/14/99 , Robert Watson wrote: > >I've started switching my machines to OpenSSH -- however, our port >specifically disables K4 and AFS support :-). If I have time over the >next few days (unlikely, traveling to Albuquerque for a DARPA conference), >I'll mail in some patches to get K4 working. Otherwise, OpenSSH port >seemed to work out of the box for me -- the one other change I made was to >enable X forwarding in the ssh server. My feeling is disabling it in the >client is far more useful, as it's the client giving out access to its >display, not the server :-). I am not so worried at this point about kerb integration, as I dont use it. What I am worried about is remote root exploitation.... Or am I missing something in the bugtraq post ? The poster indicates remote root exploitation is difficult, but possible in http://www.freebsd.org/cgi/query-pr.cgi?pr=14749 I have cc'd the official maintainer. Perhaps he could comment ? ---Mike ********************************************************************** Mike Tancsa, Network Admin * mike@sentex.net Sentex Communications Corp, * http://www.sentex.net/mike Cambridge, Ontario * 01.519.651.3400 Canada * To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message