Summary: | OpenSSH/PAM overflow | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Seemant Kulleen (RETIRED) <seemant> |
Component: | Current packages | Assignee: | Brandon Low (RETIRED) <lostlogic> |
Status: | RESOLVED FIXED | ||
Severity: | blocker | ||
Priority: | High | ||
Version: | 1.2 | ||
Hardware: | x86 | ||
OS: | Linux | ||
URL: | http://www.globalintersec.com/adv/openssh-2002062801.txt | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Seemant Kulleen (RETIRED)
2002-07-03 16:10:11 UTC
URL Specifies versions prior to 3.4, which have all been removed (by me) from the portage tree. It also specifies that it can gain the privledges of the daemon user which is the unpriveledged sshd user since 3.3 on our system. We are safe. |