Re: FreeBSD Security Advisory FreeBSD-SA-15:22.openssh

2015-08-27 Thread Dag-Erling Smørgrav
Mike Tancsa writes:
> I know RELENG_8 is no longer supported, but does this issue impact
> FreeBSD 8.x ?

Note that of the three issues mentioned here, one is not exploitable by an attacker and the other two presuppose a compromised pre-auth child.

DES
--
Dag-Erling Smørgrav - d...@des.no

Re: FreeBSD Security Advisory FreeBSD-SA-15:22.openssh

2015-08-27 Thread Mike Tancsa
On 8/27/2015 3:24 AM, Dag-Erling Smørgrav wrote:
> Mike Tancsa writes:
>> I know RELENG_8 is no longer supported, but does this issue impact
>> FreeBSD 8.x ?
>
> Note that of the three issues mentioned here, one is not exploitable by
> an attacker and the other two presuppose a compromised pre-au

Re: FreeBSD Security Advisory FreeBSD-SA-15:22.openssh

2015-08-27 Thread Borja Marcos
On Aug 27, 2015, at 3:08 PM, Mike Tancsa wrote:
> On 8/27/2015 3:24 AM, Dag-Erling Smørgrav wrote:
> For the latter two, I am trying to understand in the context of a shared
> hosting system. Could one user with sftp access to their own directory
> use these bugs to gain access to another user's

Re: FreeBSD Security Advisory FreeBSD-SA-15:22.openssh

2015-08-27 Thread Peter Pentchev
On Thu, Aug 27, 2015 at 03:19:04PM +0200, Borja Marcos wrote:
>
> On Aug 27, 2015, at 3:08 PM, Mike Tancsa wrote:
>
> > On 8/27/2015 3:24 AM, Dag-Erling Smørgrav wrote:
> > For the latter two, I am trying to understand in the context of a shared
> > hosting system. Could one user with sftp access

Re: FreeBSD Security Advisory FreeBSD-SA-15:22.openssh

2015-08-27 Thread Dag-Erling Smørgrav
Mike Tancsa writes:
> For the latter two, I am trying to understand in the context of a shared
> hosting system. Could one user with sftp access to their own directory
> use these bugs to gain access to another user's account ?

Once again: both of these are attacks on the main sshd process by the

sendmail server sending milter data after latest FreeBSD upgrade

2015-08-27 Thread Robert Sargent via freebsd-security
Hi,

After rebuilding my systems after the latest openssl/iret handler I noticed some incoming email sessions were failing. The failures were primarily from hotmail.com, outlook.com, google.com and me.com.

The SMTP server [sendmail v 8.15.2] logs contained lines like this:

Aug 27 14:41:22 tu