Re: openssh vulnerability WITH TCP DUMP!

This is a discussion on Re: openssh vulnerability WITH TCP DUMP! within the OpenSSH Development forums, part of the Networking and Network Related category; On Fri, 4 Nov 2005 23:17:25 +1100 Damien Miller <djm@mindrot.org> wrote: > On Fri, ...

		Usenet Forums > Networking and Network Related > OpenSSH Development
Re: openssh vulnerability WITH TCP DUMP!

LinkBack

Thread Tools

Search this Thread

Display Modes

#1 (permalink)

11-04-2005

Damien Miller

Posts: n/a

Re: openssh vulnerability WITH TCP DUMP!

On Fri, 4 Nov 2005 23:17:25 +1100
Damien Miller <djm@mindrot.org> wrote:

> On Fri, 04 Nov 2005 11:54:14 +0100
> Evert van de Waal <evert.vandewaal@imtech.nl> wrote:
> > The aut.log file shows the following:
> > Nov 4 06:25:01 localhost su[5715]: + ??? root:nobody
> > Nov 4 06:25:01 localhost su[5715]: (pam_unix) session opened for user
> > nobody by
> > (uid=0)

oh, I misread. This is root su'ing to nobody and not the other way
round. It is probably not related to malicious activity at all.

-d

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts BB code is On Smilies are Off [IMG] code is Off HTML code is Off Trackbacks are On Pingbacks are On Refbacks are On

All times are GMT +1. The time now is 05:48 AM.