Bugtraq mailing list archives
Re: Glibc Local Root Exploit
From: Jerry Connolly <jerry.connolly () EIRCOM NET>
Date: Wed, 10 Jan 2001 23:47:52 +0000
Pedro Margate said the following on Wed, Jan 10, 2001 at 01:40:39PM -0500,
The implementations of ssh that I'm familiar with (ssh and OpenSSH) install the ssh binary as suid root by default. This can be disabled during configuration or after the fact with chmod. I believe that would prevent this exploit from operating. I've turned off the suid bit on every ssh installation I've performed and it seems to work the same. I'm not sure what reason ssh has to be suid root, nobody I've asked has any idea.
If you have the following options set in ssh_config

RhostsAuthentication yes
RhostsRSAAuthentication yes
UsePrivilegedPort yes

then ssh will connect from a privileged port, which requires root privileges.

Jerry Connolly, Eircom.net CIRT
--
ejrry^[bxpZZ
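The check implied by the exchange above, as an added example that is not part of either post: it reports whether any of the three ssh_config options named in the reply is set to yes and whether the given ssh binary carries the set-user-ID bit. The function names and verdict strings are hypothetical, and the config and binary paths are supplied by the caller.

```shell
#!/bin/sh
# Added example (not from the original thread). Function names and verdict
# strings are hypothetical; both paths are supplied by the caller.

# Print each of the three options from the reply that is set to "yes".
# ssh_config keywords are case-insensitive and may use "=" or whitespace.
privport_options() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # skip comments and blank lines
        {
            line = $0
            sub(/^[ \t]+/, "", line)           # drop indentation under Host
            gsub(/[ \t]*=[ \t]*/, " ", line)   # "Key=yes" -> "Key yes"
            split(line, f, /[ \t]+/)
            key = tolower(f[1]); val = tolower(f[2])
            gsub(/"/, "", val)                 # values may be quoted
            if (val == "yes" && (key == "rhostsauthentication" ||
                key == "rhostsrsaauthentication" ||
                key == "useprivilegedport"))
                print f[1]
        }' "$1"
}

# Compare what the config asks for with what the binary is able to do.
# [ -u ] tests the set-user-ID bit only; file ownership is not checked.
audit_ssh() {
    opts=$(privport_options "$1" | tr '\n' ' ')
    if [ -u "$2" ]; then
        if [ -n "$opts" ]; then
            echo "setuid-in-use: $opts"            # bit is needed by these
        else
            echo "setuid-unneeded"                 # candidate for chmod u-s
        fi
    else
        if [ -n "$opts" ]; then
            echo "no-setuid-but-requested: $opts"  # privileged port unavailable
        else
            echo "ok"
        fi
    fi
}

# Stand-alone use: sh audit.sh <ssh_config path> <ssh binary path>
if [ "$#" -eq 2 ]; then
    audit_ssh "$1" "$2"
fi
```

A "setuid-unneeded" result corresponds to the case in the quoted message, where the suid bit was removed with chmod and ssh kept working.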