From owner-freebsd-security Mon Jun 24 14:55: 4 2002 Delivered-To: freebsd-security@freebsd.org Received: from bluenugget.net (bluenugget.net [64.32.175.43]) by hub.freebsd.org (Postfix) with ESMTP id EA29337B40A for ; Mon, 24 Jun 2002 14:54:48 -0700 (PDT) Received: from [192.168.4.154] (sf-gw.epylon.com [63.93.9.98]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by bluenugget.net (Postfix) with ESMTP id CB5D81371D for ; Mon, 24 Jun 2002 14:56:09 -0700 (PDT) Date: Mon, 24 Jun 2002 14:54:39 -0700 From: Jason DiCioccio Reply-To: Jason DiCioccio To: freebsd-security@freebsd.org Subject: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability (fwd) Message-ID: <2147483647.1024930479@[192.168.4.154]> X-Mailer: Mulberry/3.0.0a2 (Mac OS X) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org ---------- Forwarded Message ---------- Date: Monday, June 24, 2002 11:06 PM +0200 From: Markus Friedl To: openssh-unix-announce@mindrot.org, openssh-unix-dev@mindrot.org Subject: [openssh-unix-announce] Re: Upcoming OpenSSH vulnerability On Mon, Jun 24, 2002 at 03:00:10PM -0600, Theo de Raadt wrote: > Date: Mon, 24 Jun 2002 15:00:10 -0600 > From: Theo de Raadt > Subject: Upcoming OpenSSH vulnerability > To: bugtraq@securityfocus.com > Cc: announce@openbsd.org > Cc: dsi@iss.net > Cc: misc@openbsd.org > > There is an upcoming OpenSSH vulnerability that we're working on with > ISS. Details will be published early next week. > > However, I can say that when OpenSSH's sshd(8) is running with priv > seperation, the bug cannot be exploited. > > OpenSSH 3.3p was released a few days ago, with various improvements > but in particular, it significantly improves the Linux and Solaris > support for priv sep. However, it is not yet perfect. Compression is > disabled on some systems, and the many varieties of PAM are causing > major headaches. > > However, everyone should update to OpenSSH 3.3 immediately, and enable > priv seperation in their ssh daemons, by setting this in your > /etc/ssh/sshd_config file: > [...] > > OpenBSD and NetBSD users should also update to OpenSSH 3.3 right away. > On OpenBSD privsep works flawlessly, and I have reports that is also > true on NetBSD. All other systems appear to have minor or major > weaknesses when this code is running. I know theo did not mention FreeBSD, but does anyone know for sure if FreeBSD is one of the platforms with major/minor weaknesses in the privsep code? And if it is major, or minor? ;-) Cheers, -JD- -- Jason DiCioccio - jd@bluenugget.net - Useless .sig Open Domain Service - geniusj@ods.org - http://www.ods.org/ Ruby - jd@ruby-lang.org - http://www.ruby-lang.org/ PGP Fingerprint - C442 04E2 26B0 3809 8357 96AB D350 9596 0436 7C08 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message