|
OpenBSD General Other questions regarding OpenBSD which do not fit in any of the categories below. |
|
Thread Tools | Display Modes |
|
|||
What is the meaning of "remote hole"
If a user has a legitimate ssh access, but then while being logged in the machine, gains root access, is this a "remote hole?"
Tony |
|
||||
Two thoughts come to top of mind:
Exploiting a flaw in the FooSSH server to gain a ssh session logged into the account that server daemon is running as. Sending IIS a malformed HTTP message that causes a buffer overflow, causing the web server to execute code crafted into the HTTP operation. (e.g. GET superlongstring/shutdown -s -t 0.)
__________________
My Journal Thou shalt check the array bounds of all strings (indeed, all arrays), for surely where thou typest ``foo'' someone someday shall type ``supercalifragilisticexpialidocious''. |
|
|||
Thanks for the clarification. So when OpenBSD claims that they have only 2 remote holes, they don't count privilege escalation, do they?
|
|
|||
No.
|
|
||||
Quote:
|
Thread Tools | |
Display Modes | |
|
|
Similar Threads | ||||
Thread | Thread Starter | Forum | Replies | Last Post |
wpa_supplicant errors: "CTRL-EVENT-SCAN-RESULTS" | jackburke | FreeBSD General | 0 | 1st February 2010 12:07 AM |
Opera Port - conflicting pkgs in "make install" | IronForge | OpenBSD Packages and Ports | 5 | 29th October 2009 05:10 AM |
Fixed "xinit" after _7 _8, "how" here in case anyones' "X" breaks... using "nvidia" | jb_daefo | Guides | 0 | 5th October 2009 09:31 PM |
"Thanks" and "Edit Tags". | diw | Feedback and Suggestions | 2 | 29th March 2009 12:06 AM |
Newbie-friendly "printing in OpenBSD" guide wanted | Shagbag | OpenBSD Packages and Ports | 5 | 7th July 2008 09:26 PM |