What is the meaning of "remote hole"

[bruguiea]

If a user has a legitimate ssh access, but then while being logged in the machine, gains root access, is this a "remote hole?"

Tony

[DutchDaemon]

No, that's a local privilege escalation (his initial access was legitimate). In this case, an unprivileged local user managed to elevate their privilege.

[TerryP]

Two thoughts come to top of mind:

Exploiting a flaw in the FooSSH server to gain a ssh session logged into the account that server daemon is running as.

Sending IIS a malformed HTTP message that causes a buffer overflow, causing the web server to execute code crafted into the HTTP operation. (e.g. GET superlongstring/shutdown -s -t 0.)

[bruguiea]

Thanks for the clarification. So when OpenBSD claims that they have only 2 remote holes, they don't count privilege escalation, do they?

[ocicat]

Quote:

Originally Posted by bruguiea

So when OpenBSD claims that they have only 2 remote holes, they don't count privilege escalation, do they?

No.

[Carpetsmoker]

The "Only two remote holes in the default install, in a heck of a long time!"-claim is slightly misleading.
The default install has almost all network services turned off, and as was pointed out not all security problems are counted.

The claim is technically correct, but it does not mean what many people think it means.

[Android1]

Quote:

Originally Posted by Carpetsmoker

The "Only two remote holes in the default install, in a heck of a long time!"-claim is slightly misleading.\
The default install has almost all network services turned off, and as was pointed out not all security problems are counted.

Indeed. OpenBSD 4.5 and 4.6 were patched for security reasons three times each.