That is correct, I apologize for not making that clearer earlier. As mentioned, currently this is a local only root, exploit. However, this was talked about on the slashdot.org list, and I individual believed that he had been remotely root exploited, however he could not confirm that this was done through the same root hole.
Joey Officer -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of George Metz Sent: Thursday, March 07, 2002 1:52 PM To: LRP Support Subject: Re: [Leaf-user] openssh security hole On Thu, 7 Mar 2002, Joey Officer wrote: > I don't know how much this affects LRP/Leaf distributions, but I thought > that I would at least make mention of it here. There is a root hole in > OpenSSH, you can read about it here > > http://www.pine.nl/advisories/pine-cert-20020301.txt > > I am not sure if the SSH implementations being used by the current LRP > distros are affected, but I figured it would atleast be worth a read. Also > check out slashdot.org for more discussion on this. > > http://slashdot.org/article.pl?sid=02/03/07/1617211&mode=thread&tid=128 Note that at present, this is a local root hole, with a possibility for it to be a remote root exploit - think they're still digging on that. -- George Metz Commercial Routing Engineer [EMAIL PROTECTED] "We know what deterrence was with 'mutually assured destruction' during the Cold War. But what is deterrence in information warfare?" -- Brigadier General Douglas Richardson, USAF, Commander - Space Warfare Center _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
