Date: Thu, 13 Dec 2001 22:04:07 +0100 From: Krzysztof Zaraska <kzaraska@student.uci.agh.edu.pl> To: "Brian F. Feldman" <green@FreeBSD.ORG> Cc: freebsd-security@freebsd.org Subject: Re: Question about port 50000 Message-ID: <20011213220407.5ac73e37.kzaraska@student.uci.agh.edu.pl> In-Reply-To: <200112131742.fBDHgho79388@green.bikeshed.org> References: <ronan@melim.com.br058d01c183ef$ce77e1b0$2aa8a8c0@melim.com.br> <200112131742.fBDHgho79388@green.bikeshed.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 13 Dec 2001 12:42:43 -0500 Brian F. Feldman wrote: > > Itīs really weird, > > Openssh from FreeBSD-4.4 is vulnerable, do you have Openssh istalled? > > No, OpenSSH is vulnerable if you for some reason had enabled UseLogin. > There's no reason to have done that... ...and the hostile user must have a valid account. So this not a remote-root exploit per se. Krzysztof To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011213220407.5ac73e37.kzaraska>