- 论坛徽章:
- 0
|
最近Openssh漏洞暴多,请升级至最新的 5.0P1 版
OpenSSH before 4.9 allows remote authenticated users to bypass the sshd_config ForceCommand directive by modifying the .ssh/rc session file.
OpenSSH 4.3p2, and probably other versions, allows local users to hijack forwarded X connections by causing ssh to set DISPLAY to :10, even when another process is listening on the associated port, as demonstrated by opening TCP port 6010 (IPv4) and sniffing a cookie sent by Emacs.
本文来自ChinaUnix博客,如果查看原文请点:http://blog.chinaunix.net/u2/65776/showart_523488.html |
|