OpenSSH Local Root Hole 554
maelstrom writes: "Looks like someone's found a local root exploit for OpenSSH versions between 2.0 and 3.0.2. Seems as though its a one-off error, there is no public exploit, but there is sure to be one shortly. They aren't ruling out remote exploit. Recommending patching and upgrading ASAP."
There goes OpenBSDs slogan... (Score:1, Funny)
Shame...
Re:There goes OpenBSDs slogan... (Score:4, Funny)
They aren't ruling out the possibility of a remote exploit.
CERT Advisory (Score:4, Funny)
IBM AIX versions 4.3 and 5.1
Hewlett-Packard's HP-UX
SCO OpenServer 5.0.6 and earlier
SGI IRIX 3.x
Sun Solaris 8 and earlier
I. DESCRIPTION
Several implementations of direct serial connect console may have a serious security hole. In more than several cases, a guy (SA) sitting on a folding chair in a data center, directly logged in to the system via serial connection and dumb terminal, was hit over the head with a stick by another guy. The second guy was then able to gain access to the system by forcefully taking away the dumb terminal from the guy that was hit over the head, and use his login to do bad stuff on the system.
II. IMPACT
The guy that was hit over the head with the stick suffered a bump on the head, and bad stuff was done on the system.
III. SOLUTION
We recommend disabling ALL systems in your data center. Issue the following command on Solaris: init 5, then turn it off by toggling the on/off switch. This method will prevent any attack outside your network, from within your network, and by god, from within your data center. The is the best known method of stopping ALL security holes, including the "stick on the head" issue. As vendors report new information to the CERT/CC, we will update this section.
http://www.paulandangelle.com/cert_advisory.html [paulandangelle.com]
I can't wait for djbssh (Score:5, Funny)
-russ
Re:Full disclosure = annoying. (Score:5, Funny)
Yay! (Score:1, Funny)
Good night everybody!
SGI IRIX 3.x? (Score:3, Funny)
Re:I can't wait for djbssh (Score:5, Funny)
Re:I can't wait for djbssh (Score:4, Funny)
Re:smallest possible patch (Score:3, Funny)
There are some reasons to use C for a project (Score:2, Funny)
Visual Basic (Score:5, Funny)
Re:Commercial SSH (Score:1, Funny)
Professional software engineers wouldn't make such mistakes.
Where's the PGP signature? (Score:2, Funny)
Doing an init 5 on a Solaris box will gracefully shutdown the box, and power it off. If you toggle the power switch after that you're just turning the box back on.
Re:OpenSSH site already updated? (Score:5, Funny)
Four days without a remote hole in the default install!
Not sure if OpenSSH is enabled by default though.
OpenSSH? (Score:2, Funny)
Re:There goes OpenBSDs slogan... (Score:2, Funny)
Reeeeeeeeeeally? In what language?
How can someone like you have the nerve to criticize the OpenSSH guys?! Missing '<' and '>' in such a critical spot! Jeez! It might be a common error to make, but I would think people trying to illustrate the incompetance of a talented security software coder making a minor mistake would constantly be thinking to themselves about the consequences of these kinds of trivial syntactic errors. It's also a real bonehead mistake. Everyone knows that you use & lt ; and & gt ; in HTML to get the '<' and '>' symbols. I'm sorry if this sounds conceited (that isn't my intention) but when I look at this I have an almost subconscious SCREAMING reaction. For whatever reason, the days when I made mistakes like this have come and gone -- whenever I use '<' or '>' to illustrate how stupid someone else is (when they're trying to illustrate how stupid someone else is) I always think about it, and I cannot imagine someone not thinking about what they are doing. Especially in a piece like this. How completely, and totally embarrassing for you, Briosa.