[ale] ssh remote root exploit :-(

Jonathan Rickman jonathan at xcorps.net
Tue Jun 25 17:26:07 EDT 2002



Everyone should be aware that this new version does not fix the
vulnerability. It only reduces the risk since the attacker can only
gain access to the sshd account due to the new priveledge separation
feature. This could still ruin your day if your system is miles away and
ssh is your only means of accessing it.

Just a reminder not to get too comfortable yet :)


-- 
Jonathan Rickman
X Corps Security
http://www.xcorps.net


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be 
sent to listmaster at ale dot org.






More information about the Ale mailing list