NFS と OpenSSH + OpenPAM を使っていると...
SA が 3通来ましたが、うち一通は REVISED でした。
- FreeBSD-SA-06:09.openssh Security Advisory:Remote denial of service in NFS server
- FreeBSD-SA-06:09.openssh Security Advisory:Remote denial of service in OpenSSH
公開サーバで NFS を丸裸で使っている人はいないと思います*1が、OpenSSH は気になりますね。
II. Problem Description Because OpenSSH and OpenPAM have conflicting designs (one is event- driven while the other is callback-driven), it is necessary for OpenSSH to fork a child process to handle calls to the PAM framework. However, if the unprivileged child terminates while PAM authentication is under way, the parent process incorrectly believes that the PAM child also terminated. The parent process then terminates, and the PAM child is left behind.
ということなので、OpenPAM と組み合わせて使っていなければとりあえずは大丈夫なのかな?