
http://www.macnn.com/articles/02/06/25/openssh.vulnerability/

OpenSSH vulnerability could allow access

updated 10:45 am EDT, Tue June 25, 2002


An OpenSSH vulnerability, details of which are due out next week, can allow access to a Unix system, including OS X. Users are encouraged to upgrade to OpenSSH 3.3 (released last week) and "enable priv separation in their ssh daemons" since version 3.3 does not directly address the issue, but "makes the daemon less vulnerable to attack." [sshd, the SSH daemon, is disabled by default on OS X]


by MacNN Staff
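A way to check a host against the advice above (OpenSSH 3.3 or later, privilege separation enabled), as an added example that is not part of the original article. It assumes the setting is controlled by the `UsePrivilegeSeparation` keyword in `sshd_config`, which the article does not name; the function names and sample inputs are constructed for illustration.

```python
import re

# Constructed sample inputs (not taken from the article).
CONFIG_DISABLED = """\
# sshd_config (constructed)
Port 22
useprivilegeseparation no
UsePrivilegeSeparation yes
"""
CONFIG_ENABLED = "Protocol 2\nUsePrivilegeSeparation yes\n"

def privsep_setting(config_text):
    """Effective UsePrivilegeSeparation value, or None when the keyword is absent."""
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        # Keywords are case-insensitive and sshd keeps the first value it reads,
        # so a later "yes" does not override an earlier "no".
        if fields[0].lower() == "useprivilegeseparation" and len(fields) == 2:
            return fields[1].strip().strip('"').lower()
    return None

def openssh_version(banner):
    """Extract (major, minor) from a string such as 'OpenSSH_3.2.3p1'."""
    m = re.search(r"OpenSSH_(\d+)\.(\d+)", banner)
    return (int(m.group(1)), int(m.group(2))) if m else None

def assess(banner, config_text):
    """Return findings measured against the article's advice."""
    findings = []
    version = openssh_version(banner)
    if version is None:
        findings.append("version unknown")
    elif version < (3, 3):
        findings.append("upgrade to OpenSSH 3.3 or later")
    setting = privsep_setting(config_text)
    if setting is None:
        # Absent keyword: the result depends on the build's default, so flag it.
        findings.append("UsePrivilegeSeparation not set explicitly")
    elif setting != "yes":
        findings.append("privilege separation disabled")
    return findings

if __name__ == "__main__":
    print(assess("OpenSSH_3.2.3p1", CONFIG_DISABLED))
    print(assess("OpenSSH_3.3", CONFIG_ENABLED))
```

The first sample shows why a plain search for "UsePrivilegeSeparation yes" is not enough: the earlier lowercase `no` line is the one sshd honours.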


Comments

  1. MacNN.com Reader

    Fresh-Faced Recruit

    Joined: Jul 2001

    0

    testing

    testing

  1. MacNN.com Reader

    Fresh-Faced Recruit

    Joined: Jul 2001

    0

    type of access

    The message is vague about the type of access granted--presumably root...anyone know exactly what's going on here? Any word on Darwin's email list or even Apple's mailing lists?

  1. zaren

    Fresh-Faced Recruit

    Joined: Aug 2001

    0

    A bit more detail

    http://www.citi.umich.edu/u/provos/ssh/privsep.html

    "Previously any corruption in the sshd could lead to an immediate remote root compromise if it happened before authentication, and to local root compromise if it happened after authentication. Privilege Separation will make such compromise very difficult if not impossible."

    -----
    Apple hardware still too expensive for you? How about a raffle ticket?

    Let "them" know you're not a terrorist!

  1. rscheepstra@hotmail.com

    Joined:

    0

    Once upon a time..

    ...there was MacOS 9....you people remember? It had icons you could drag around, pull-down menus, easy and straightforward. I used it for a long time, and never EVER came across something like "enable priv separation in their ssh daemons".
    Yes, those were the days...

  1. rscheepstra@hotmail.com

    Joined:

    0

    Ow that's nice

    Why the h*** is the above posting displaying my (spam account only) e-mail address?
    That's not my 'Publicly Displayed Name' as configured in 'My Profile'!!
    Nice job Macnn!!

  1. impierced

    Fresh-Faced Recruit

    Joined: Jan 2002

    0

    Timer is set .... NOW!!!

    Let's see how long it takes Apple to create an update. Yes, I know I can fix this myself, but Apple chose Unix ... they absorb the support costs.

  1. Welborn

    Fresh-Faced Recruit

    Joined: Aug 2001

    0

    Yeah

    Apple has been negligent when it comes to security updates. The last SSH problem, it was MONTHS before an update appeared. There has been an Apache exploit (not for OS X yet, but a good hacker could surely create one) for more than a week, and still no word from Apple.

    I am a huge Mac fan, but if Apple expects people in the enterprise and server industry to take them seriously (Xserve), they need to get on the ball with respect to security.

    Of course, the easy answer to this is to turn off remote access in the control panel of any machines you have. That's the "MacOS 9" solution -- since there was no ssh shell access to OS 9 anyway. :-)
