oss-sec mailing list archives
Re: FreeBSD 4.x OpenSSH/libopie remote root hole
From: Markus Friedl <mfriedl () gmail com>
Date: Thu, 7 Jul 2011 00:48:48 +0200
Yes, it's last year's libopie bug CVE-2010-1938, even if the exploit author does not think so.

http://twitter.com/msfriedl/status/87114829789278208
http://twitter.com/msfriedl/status/87910449634476033

On Mon, Jul 04, 2011 at 03:07:45PM +0000, Solar Designer wrote:
> On Mon, Jul 04, 2011 at 09:24:45PM -0700, Colin Percival wrote:
> > I haven't had time to investigate, in part because I don't have any
> > systems running that ancient openssh any more. I'm interested to hear
> > if anyone has tracked down exactly where the bug was, though.
>
> Thanks for your reply. Since I also have other uses for my time, would
> anyone else investigate, please? I'd appreciate it. Perhaps install
> FreeBSD 4.x into a VM. Sounds like fun for someone who has time.
>
> I don't think the bug is in OpenSSH per se, nor in FreeBSD 4's PAM (my
> understanding is that it was cut-down Linux-PAM at the time, which was
> replaced with OpenPAM in 5.x), nor in pam_opie. libopie sounds more
> plausible. But I could be wrong.
>
> Alexander