[ale] ssh remote root exploit :-(
Stuffed Crust
pizza at shaftnet.org
Tue Jun 25 15:30:54 EDT 2002
On Tue, Jun 25, 2002 at 02:41:15PM -0400, Jim Popovitch wrote:
> After I installed the rpms I had a problem logging in, the error I got was:
>
> fatal: mmap(xxxxx): Invalid argument
>
> Once I disable compression and enabled privsep in the sshd_conf file things
> started working like a charm.
Yeah, basically the 2.2 kernels don't support the needed mmap semantics.
As the openssh guys put it, loss of compression more than makes up for
the loss of a root exploit. :)
I guess I could update the RH 6.2 rpms to have compression off by
default.. but all of my RH62 boxen are using 2.4 kernels.. so I didn't
bother.
- Pizza
--
Solomon Peachy
I ain't broke, but I'm badly bent. ICQ# 1318344
Patience comes to those who wait.
...It's not "Beanbag Love", it's a "Transanimate Relationship"...
PGP signature
More information about the Ale
mailing list