Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]

From: Alan Cox (alanat_private)
Date: Tue Sep 28 1999 - 14:17:18 PDT

Next message: Jeremy Buhler: "Re: [EuroHaCk] Linux 2.2.x ISN vulnerability (fwd)"

Previous message: Ron DuFresne: "Re: Linux GNOME exploit"
Maybe in reply to: Marc SPARC: "[Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Next in thread: Eric Griffis: "Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> On Mon, 27 Sep 1999 11:35:44 EDT, Dan Astoorian <djastat_private>  said:
> > A trivial demo program that demonstrates the problem is attached.  (It
> > needs no special privileges; run it as an unprivileged user in any
> > writable directory.)  The program reports "okay" under Solaris 2.5.1 and
> > IRIX 6.5.2, "vulnerable" under RedHat 6.
>
> AIX 4.3.2 with all the recent Fixdist patches also says "okay".

Linux will also do so very soon. There are no standards issues here just
common sense. So Solar's patches for that and mknod are "no brainer" fixes

Next message: Jeremy Buhler: "Re: [EuroHaCk] Linux 2.2.x ISN vulnerability (fwd)"
Previous message: Ron DuFresne: "Re: Linux GNOME exploit"
Maybe in reply to: Marc SPARC: "[Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Next in thread: Eric Griffis: "Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:05:47 PDT