KarkomaOnline

According to NetSecurity …

The ip_setsockopt() function code is a subroutine of the setsockopt(2) system call. This function allows manipulation of various options of the IP socket. The MCAST_MSFILTER option can be used to provide the kernel with a list of multicast addresses to be received on the socket. This code has been introduced with the 2.4.22/2.6.1 kernel releases. Proper exploitation of this vulnerability leads to local privilege escalation giving an attacker full super-user privileges. Unsuccesfull exploitation of the vulnerability may lead to a denial-of-service attack causing machine crash or instant reboot.

This bug has been fixed in the 2.4.26 and 2.6.4 kernel releases.

References:

• NetSecurity

As you know, the main feature of OpenSSH is to establish secure connections to remote machines, so you get interactive sessions against them. However, OpenSSH also allows you to execute commands on remote machines. You can execute commands and have the output returned to the screen without logging in to the remote machine.

To execute a command remotely simply type:

ssh user@remote_host ‘ls -al /etc’

However, some commands require a terminal to run properly. For example, if you want to edit a remote file using vi you probably will try something like this:

ssh user@remote_host ‘vi /etc/passwd’

And you’ll get warnings like this:

Vim: Warning: Output is not to a terminal
Vim: Warning: Input is not from a terminal

To avoid such warnings and cleanly edit your remote files type the following:

ssh -t user@remote_host ‘vi /etc/passwd’

The -t option will… (from OpenSSH man pages)

Force pseudo-tty allocation. This can be used to execute arbitrary screen-based programs on a remote machine, which can be very useful, e.g., when implementing menu services. Multiple -t options force tty allocation, even if ssh has no local tty.