bug in rssh v2.0.2
Brought to you by:
xystrus
Menu
▾
▴
bug in rssh v2.0.2
|
From: Derek M. <co...@pi...> - 2003-06-07 15:27:52
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hey kids, There is a bug in rssh v2.0.0 - v2.0.2 which may or may not be serious (but it's definitely braindead). I'm not an exploit writer, nor am I an expert at code security, but it strikes me that this one could possibly be an easy local root. I committed a major brain-fart, and forgot to check to see if some command-line parameters actually existed before trying to access them in the SUID chroot helper program for rssh v2.0.x (where x <= 2). This bug is fixed in rssh v2.0.3, which you can get from the rssh home page here: http://www.pizzashack.org/rssh/ Along with this bug, several other bugs are fixed including one which prevents access via scp with chroot jails. Some improvements were made in the build environment for non-Linux platforms, and some minor improvements were made in the documentation as well. There are no known exploits for the bug I mentioned above yet; nevertheless I recommend that all users of rssh v2.0.x upgrade to 2.0.3 immediately. Thanks - -- Derek Martin co...@pi... GPG Key ID: 0x81CFE75D -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE+4gRYdjdlQoHP510RAhmDAJ41iF83y1qY5wUSwKfhbDgrTlouBACgnlb2 v8Sfyz8c0UCHCpeLgD+eB/s= =q9AU -----END PGP SIGNATURE----- |