[ale] OpenSSH root vulnerability
Stuffed Crust
pizza at shaftnet.org
Fri Mar 8 13:14:28 EST 2002
On Fri, Mar 08, 2002 at 12:42:23PM -0500, John Mills wrote:
> Setup: RH 6.2, gcc-2.91.66 ('vanilla' RH-6.2)
>
> Only some mirrors have any source of 'portable' openssh-3.1 - I downloaded
> what I found: 'openssh-3.1p1.tar.gz' and unpacked it. 'configure' ran OK,
> but 'make' crashed on:
There aren't "stock" RH 6.2 RPMs, so one has to build their own. The
problem is that RH6.2 comes with openssl0.9.5a, which doesn't want to
compile cleanly with openssh 3.1.
So, you need to upgrade to a newer versiopn of openssl.
I built openssl 0.9.6b and openssh 3.1; RH 6.2 RPMs are at:
ftp://ftp.shaftnet.org/pub/rpms/redhat-6.2/i386
openssh-3.1p1-1.i386.rpm
openssh-askpass-3.1p1-1.i386.rpm
openssh-askpass-gnome-3.1p1-1.i386.rpm
openssh-clients-3.1p1-1.i386.rpm
openssh-server-3.1p1-1.i386.rpm
openssl095a-0.9.5a-11.i386.rpm
openssl-0.9.6b-8.i386.rpm
openssl-devel-0.9.6b-8.i386.rpm
openssl-perl-0.9.6b-8.i386.rpm
Enjoy.
- Pizza
--
Solomon Peachy pizzaATfucktheusers.org
I ain't broke, but I'm badly bent. ICQ# 1318344
Patience comes to those who wait.
...It's not "Beanbag Love", it's a "Transanimate Relationship"...
PGP signature
More information about the Ale
mailing list