Penetration Testing mailing list archives
RE: OpenSSH (version < 3.4p1) && linux
From: "Benninghoff, John" <John.Benninghoff () Rbcdain com>
Date: Mon, 15 Jul 2002 11:34:40 -0500
This advisory from OpenSSH should help clear this up: http://www.openssh.com/txt/preauth.adv Linux and Solaris are vulnerable if they support logon via s/key (I don't know if this is a default or not), due to a bug in the ChallengeResponseAuthentication code. They _might_ be vulnerable to a bug in the PAMAuthenticationViaKbdInt code, however, this has not been confirmed, and AFAIK, there are no working exploits currently circulating (i.e. Gobbles didn't release code for Linux) Considering that the flaws are almost identical, the PAM bug is most likely exploitable. -----Original Message----- From: chris [mailto:chris () secure-packets com] Sent: Sunday, July 14, 2002 9:50 AM To: pen-test () securityfocus com Subject: OpenSSH (version < 3.4p1) && linux It seems there is much debate on whether linux based hosts are vulnerable to the recent remote root exploit for OpenSSH. I have seen advisories for FreeBSD/NetBSD/OpenBSD but the two systems that I have most encountered in my tests are Linux and Solaris, though I can't find a proof of concept exploit for these systems. Any information would be greatly appreciated. Thanx, ::chris ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- OpenSSH (version < 3.4p1) && linux chris (Jul 15)
- <Possible follow-ups>
- RE: OpenSSH (version < 3.4p1) && linux Benninghoff, John (Jul 15)