Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 26 Jun 2002 12:15:00 -0500
From:      Samuel Kesterson <freebsd-stable@k-labs.com>
To:        Scott Dodson <gsi22419@gsaix2.cc.gasou.edu>
Cc:        freebsd-stable@freebsd.org
Subject:   Re: OpenSSH
Message-ID:  <20020626171500.GS1961@beastie.datatrade.off>
In-Reply-To: <20020626164115.GA20787@sdodson.dns2go.com>; from gsi22419@gsaix2.cc.gasou.edu on Wed, Jun 26, 2002 at 11:41:15 -0500
References:  <20020626161024.GQ1961@beastie.datatrade.off> <20020626164115.GA20787@sdodson.dns2go.com>

next in thread | previous in thread | raw e-mail | index | archive | help
	Correction -- According to ISS 3.0-3.2.3 are vulnerable.
	 
	Yes, the ISS bug report is why I was asking. In the interest of 
accuracy though, 3.3 is vulnerable, but it's not the only version. The 
main point though is that 3.3 contains the "Privilege Separation" code 
(http://www.citi.umich.edu/u/provos/ssh/privsep.html), which renders 
the ISS Challenge bug unexploitable (We hope :-) ).  My -stable box 
says "SSH-1.99-OpenSSH_2.9 FreeBSD localisations 20020307", so perhaps 
-stable is not vulnerable? I haven't had time to investigate very 
deeply.

	I mostly asked because I think that PrivSep is a *great* 
improvement. Personally, I feel the less code that runs as UID=0, the 
better.

	But, just my $0.02 ...


On 2002.06.26 11:41 Scott Dodson wrote:

> If this is in response to the ISS exploit, it should be noted that the
> OpenSSH version with 4.6-Release should not be affected.  Atleast this
> is what I can tell based on the fact that the bug was reported as
> being
> in 3.3.
> 
> 
> --
> Scott Dodson  		PGP KEY id 0x5F9A9E5E
> sdodson@sdodson.com	 
> 
> 

~~
Samuel Kesterson
freebsd-stable@k-labs.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020626171500.GS1961>