Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Re: rssh security announcement
May 15 2012 03:46PM
Derek Martin (code pizzashack org)
On Tue, May 08, 2012 at 12:24:52PM -0500, Derek Martin wrote:
> Henrik Erkkonen has discovered that, through clever manipulation of
> environment variables on the ssh command line, it is possible to
> circumvent rssh. As far as I can tell, there is no way to effect a
> root compromise, except of co...
[ more ]
Copyright 2010, SecurityFocus