Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: FreeBSD 4.x OpenSSH/libopie remote root hole
From: Markus Friedl <mfriedl () gmail com>
Date: Thu, 7 Jul 2011 00:48:48 +0200

Yes, it's last years libopie bug CVE-2010-1938, even
if the exploit author does not think so.

http://twitter.com/msfriedl/status/87114829789278208
http://twitter.com/msfriedl/status/87910449634476033

On Mon, Jul 04, 2011 at 03:07:45PM +0000, Solar Designer wrote:
On Mon, Jul 04, 2011 at 09:24:45PM -0700, Colin Percival wrote:
I haven't had time to investigate, in part because I don't have any systems
running that ancient openssh any more.  I'm interested to hear if anyone has
tracked down exactly where the bug was, though.

Thanks for your reply.

Since I also have other uses for my time, would anyone else investigate,
please?  I'd appreciate it.  Perhaps install FreeBSD 4.x into a VM.
Sounds like fun for someone who has time.

I don't think the bug is in OpenSSH per se, nor in FreeBSD 4's PAM (my
understanding is that it was cut-down Linux-PAM at the time, which was
replaced with OpenPAM in 5.x), nor in pam_opie.  libopie sounds more
plausible.  But I could be wrong.

Alexander


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]