Please see below for details of another openssh advisory. Is the current patched version of SuSE vulnerable to this attack? The advisory warns that we are vulnerable if privsep is disabled - the most recent patch from SuSE disabled privsep by default! I like the idea of privsep, please can somebody at SuSE answer the following: 1. How do I re-enable privsep - is it enough to turn it on in the sshd_config? 2. What is the problem with enabling privsep in the latest release? 3. How do I check that privsep is actually working - there doesn't seem to be any record of it in the syslog. 4. I am used to restricting access to many services via the hosts.allow - will this help if there is an sshd exploit? Thanks -- Simon Oliver This document can be found at: http://www.openssh.com/txt/sshpam.adv 1. Versions affected: Portable OpenSSH versions 3.7p1 and 3.7.1p1 contain multiple vulnerabilities in the new PAM code. At least one of these bugs is remotely exploitable (under a non-standard configuration, with privsep disabled). The OpenBSD releases of OpenSSH do not contain this code and are not vulnerable. Older versions of portable OpenSSH are not vulnerable. 2. Solution: Upgrade to Portable OpenSSH 3.7.1p2 or disable PAM support ("UsePam no" in sshd_config). Due to complexity, inconsistencies in the specification and differences between vendors' PAM implementations we recommend that PAM be left disabled in sshd_config unless there is a need for its use. Sites only using public key or simple password authentication usually have little need to enable PAM support.