Debian 2.2: DSA-091-1 Moderate: SSH Privilege Escalation
debian
December 5, 2001
If the UseLogin feature is enabled in for ssh local users couldpass environment variables (including variables like LD_PRELOAD)to the login process.
Topics Covered
Summary
Package : ssh
Problem type : influencing login
Debian-specific: no
If the UseLogin feature is enabled in for ssh local users could
pass environment variables (including variables like LD_PRELOAD)
to the login process. This has been fixed by not copying the
environment of UseLogin is enabled.
Please note that the default configuration for Debian does not
have the UseLogin enabled.
This has been fixed in version 1:1.2.3-9.4.
wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.
Debian GNU/Linux 2.2 alias potato
---------------------------------
Potato was released for alpha, arm, i386, m68k, powerpc and sparc.
Source archives:
MD5 checksum: a3600ed331f986cf4c9e8999bc5d69cb
MD5 checksum: 30c2e9775b9bbb214afd95a731e0f482
MD5 checksum: 6aad0cc9ceca55f138ed1ba4cf660349
Architecture independent archives:
MD5 checksum: eb61f2cbd0a985ad91460676c54e8234
Alpha architecture:
MD5 checksum: a1ff...
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!