FreeBSD Security Advisory FreeBSD-SA-15:22.openssh
Mike Tancsa
mike at sentex.net
Thu Aug 27 13:08:16 UTC 2015
On 8/27/2015 3:24 AM, Dag-Erling Smørgrav wrote:
> Mike Tancsa <mike at sentex.net> writes:
>> I know RELENG_8 is no longer supported, but does this issue impact
>> FreeBSD 8.x ?
>
> Note that of the three issues mentioned here, one is not exploitable by
> an attacker and the other two presuppose a compromised pre-auth child.
For the latter two, I am trying to understand in the context of a shared
hosting system. Could one user with sftp access to their own directory
use these bugs to gain access to another user's account ?
---Mike
--
-------------------
Mike Tancsa, tel +1 519 651 3400
Sentex Communications, mike at sentex.net
Providing Internet services since 1994 www.sentex.net
Cambridge, Ontario Canada http://www.tancsa.com/
More information about the freebsd-security
mailing list