From: Andrew Harvey (andrew@patmac.demon.co.uk)
Date: Wed Nov 13 2002 - 03:47:40 EST
Hi All,
Quick fire question:
[1] On Sol 2.7/8 can I just keep ssh 1.2.27 or is there a good reason to upgrade
to one of the Openssh(es)?
Long winded (same question as above) I think open ssh could be worse?
On Solaris 2.7/8 I have ssh 1.2.27 and am thinking of upgrading to openssh 3.5
however on my boxes since I don't have /dev/random I'll not be using DSA keys.
The warning for this is in WARNING.RNG in the openssh source directory. Anyway,
My question is catching up on advisories/ssh/Solaris. Is the scaryest vulnerability
in ssh 1.2.27 the possibility of over writing a symlink with a bind() socket syscall?
I tried doing that on 2.7 today with
-- code snipped ---
strncpy(sunaddr.sun_path, LPATH, sizeof(sunaddr.sun_path));
if (bind(fd, (struct sockaddr *)&sunaddr, sizeof(sunaddr)) < 0) {
if (errno == EADDRINUSE) {
printf("bind() returned EADDRINUSE; this system appears to be okay.\n");
-- code snipped ---
creates a symlink and a socket to overwrite it but the unix domain socket won't
overwrite it, you get errno == EADDRINUSE. So I reckon if this is the scare,
I'm better off sticking with my ssh 1.2.27. Or is there a more scary vulnerability
I've missed?
So my question is. On Solaris 2.7/8 am I not better sticking with ssh 1.2.27?
Regards,
Andrew Harvey
Help Desk andrew\@patmac.demon.co.uk
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:25:16 EDT