Bugtraq mailing list archives
Re: bug in ssh allowing to be invissible
From: jgross () STIMPY NET (Joe Gross)
Date: Tue, 20 Apr 1999 14:22:04 -0500
On Mon, Apr 19, 1999 at 03:30:20PM +0200, Grzegorz Stelmaszek wrote:
> I have just discovered that there is a bug in sshd allowing an ordinary user to be shown as not logged in while logged in. You should simply ssh to remote host and run command "bash". One thing that's not so good is that you will not have the controlling terminal, but ...
You've been able to do this forever with rsh. It's because when you run "ssh host bash" you're running a non-interactive non-login shell. Normally you'd use this procedure to run non-interactive processes remotely, but running a shell is just an easy way of running arbitrary processes remotely. It's really no different from running "ssh host ls". You don't get put in the utmp because you're technically not "logging in." This also isn't really a security vulnerability because this is by design. Your "bash" process will still show in a ps listing. Logs are still kept by sshd itself and by process accounting if the admin has turned it on.
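The point that such a session is absent from utmp but still visible in ps can be turned into an admin-side check. The sketch below is an added example, not part of the original posts; the `who` and `ps -eo pid,ppid,user,tty,args` text and all function names are constructed for illustration, and the process titles assume a modern OpenSSH.

```python
# Added example: list processes started directly by a per-connection sshd
# whose terminal has no utmp entry (the "ssh host bash" case).
# Both samples below are constructed, not captured from a real host.

WHO_OUTPUT = """\
alice    pts/0        1999-04-20 14:01 (10.0.0.5)
"""

# Layout of: ps -eo pid,ppid,user,tty,args
PS_OUTPUT = """\
  PID  PPID USER     TT       COMMAND
  310     1 root     ?        /usr/sbin/sshd -D
  702   310 root     ?        sshd: alice [priv]
  704   702 alice    ?        sshd: alice@pts/0
  705   704 alice    pts/0    -bash
  811   310 root     ?        sshd: bob [priv]
  813   811 bob      ?        sshd: bob@notty
  814   813 bob      ?        bash
  820   814 bob      ?        sleep 600
"""

def utmp_ttys(who_text):
    """Terminals that have a utmp record, taken from `who` output."""
    rows = (line.split() for line in who_text.splitlines())
    return {f[1] for f in rows if len(f) >= 2}

def parse_ps(ps_text):
    """Map pid -> (ppid, user, tty, cmd), skipping the header line."""
    procs = {}
    for line in ps_text.splitlines()[1:]:
        f = line.split(None, 4)
        if len(f) == 5:
            procs[int(f[0])] = (int(f[1]), f[2], f[3], f[4])
    return procs

def is_sshd(cmd):
    """True for the listener and for per-connection sshd process titles."""
    return cmd.split()[0].rsplit("/", 1)[-1].startswith("sshd")

def sessions_missing_from_utmp(who_text, ps_text):
    ttys, procs = utmp_ttys(who_text), parse_ps(ps_text)
    hits = []
    for pid, (ppid, user, tty, cmd) in procs.items():
        parent = procs.get(ppid)
        # Keep only the first non-sshd process under an sshd parent.
        if parent and is_sshd(parent[3]) and not is_sshd(cmd) and tty not in ttys:
            hits.append((pid, user, cmd))
    return sorted(hits)

if __name__ == "__main__":
    for hit in sessions_missing_from_utmp(WHO_OUTPUT, PS_OUTPUT):
        print("no utmp entry:", hit)
```

Every remote command run without a terminal is listed, so the output is an inventory to correlate with sshd logs and process accounting rather than an alert on its own.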