Slashdot Mirror
OpenSSH Local Root Hole
maelstrom writes: "Looks like someone's found a local root exploit for OpenSSH versions between 2.0 and 3.0.2. Seems as though its a one-off error, there is no public exploit, but there is sure to be one shortly. They aren't ruling out remote exploit. Recommending patching and upgrading ASAP."
props to nothing
-
for many good reasons
What gives? :(
Here are your recent submissions to Slashdot, and their status within the system:
* 2001-11-30 18:32:16 Humorous link that would make a good quickie artic (articles,humor) (rejected)
* 2002-01-03 17:14:58 What do you do when your ISP disconnects you for a (askslashdot,censorship) (rejected)
* 2002-01-18 17:46:45 Arictle on the U.S. Census Bureau using MySQL (articles,news) (rejected)
* 2002-03-07 14:22:41 New OpenSSH vulnerability discovered (articles,news) (rejected)
Does the name Pavlov ring a bell?
Take a look at the latest addition to the O'Reilly catalog.
flaim? wtf is a flaim? Oh you meant like "flaimbate". Nevermind.
cipher.c: In function `cipher_init':
cipher.c:200: void value not ignored as it ought to be
cipher.c:206: warning: implicit declaration of function `EVP_CIPHER_CTX_set_key_length'
cipher.c:210: void value not ignored as it ought to be
cipher.c: In function `cipher_crypt':
cipher.c:220: void value not ignored as it ought to be
cipher.c: In function `cipher_cleanup':
cipher.c:227: void value not ignored as it ought to be
cipher.c: In function `ssh1_3des_init':
cipher.c:280: warning: assignment from incompatible pointer type
cipher.c:299: void value not ignored as it ought to be
cipher.c:300: void value not ignored as it ought to be
cipher.c:301: void value not ignored as it ought to be
cipher.c: In function `ssh1_3des_cbc':
cipher.c:314: warning: assignment from incompatible pointer type
cipher.c:318: void value not ignored as it ought to be
cipher.c:319: void value not ignored as it ought to be
cipher.c:320: void value not ignored as it ought to be
cipher.c: In function `ssh1_3des_cleanup':
cipher.c:329: warning: assignment from incompatible pointer type
cipher.c: In function `evp_ssh1_3des':
cipher.c:346: warning: assignment from incompatible pointer type
cipher.c:347: warning: assignment from incompatible pointer type
cipher.c:348: warning: assignment from incompatible pointer type
cipher.c:349: structure has no member named `flags'
cipher.c:349: `EVP_CIPH_CBC_MODE' undeclared (first use in this function)
cipher.c:349: (Each undeclared identifier is reported only once
cipher.c:349: for each function it appears in.)
cipher.c:349: `EVP_CIPH_VARIABLE_LENGTH' undeclared (first use in this function)
cipher.c: In function `evp_ssh1_bf':
cipher.c:392: warning: assignment from incompatible pointer type
cipher.c:394: warning: assignment from incompatible pointer type
cipher.c: In function `ssh_rijndael_init':
cipher.c:413: warning: assignment from incompatible pointer type
cipher.c: In function `ssh_rijndael_cbc':
cipher.c:440: warning: assignment from incompatible pointer type
cipher.c: In function `ssh_rijndael_cleanup':
cipher.c:477: warning: assignment from incompatible pointer type
cipher.c: In function `evp_rijndael':
cipher.c:494: warning: assignment from incompatible pointer type
cipher.c:495: warning: assignment from incompatible pointer type
cipher.c:496: warning: assignment from incompatible pointer type
cipher.c:497: structure has no member named `flags'
cipher.c:497: `EVP_CIPH_CBC_MODE' undeclared (first use in this function)
cipher.c:497: `EVP_CIPH_VARIABLE_LENGTH' undeclared (first use in this function)
cipher.c:498: `EVP_CIPH_ALWAYS_CALL_INIT' undeclared (first use in this function)
*** Error code 1
Okay, looks like they've started using those big fucking ads. First impression, the size of them doesn't really bother me, but the placement of them does. They just seem to kill the flow of a page. Personally I think it might be better if they could shove it off too the side in one of the sidebars.