ssh vulnerability in 10.2.6

Peter Krug pkrug at mac.com
Thu Oct 2 06:50:08 PDT 2003


At 9:28 -0400 10/02/2003, Chris Olson <chris at astcomm.net> wrote:
>I don't give a rats arse whether or not you enable "remote login". 
>The vulnerability involves a buffer mismanagement problem whereby an 
>attacker can gain root access to the machine via the sshd user 
>process.

Chris,

Thanks for scaring me.  But you're wrong.  Turn off Remote login and 
your are fine.  Read about it here: http://www.securemac.com and 
here: 
http://lists.netsys.com/pipermail/full-disclosure/2003-September/010116.html
-- 
A little computer haiku:
I can't remember
the last time I restarted
I love OS X

This message sent with Eudora 6 on Mac OS X 10.2.8



More information about the Titanium mailing list