Bugtraq mailing list archives
Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]
From: sean () FLAME ORG (Sean-Paul Rees)
Date: Mon, 27 Sep 1999 15:43:41 -0700
On Mon, 27 Sep 1999, Dan Astoorian wrote:
A trivial demo program that demonstrates the problem is attached. (It needs no special privileges; run it as an unprivileged user in any writable directory.) The program reports "okay" under Solaris 2.5.1 and IRIX 6.5.2, "vulnerable" under RedHat 6.
According to this program, FreeBSD 3.3-STABLE/i386: Vulnerable NetBSD 1.4.1/i386: Vulnerable Debian GNU/Linux 2.2 (kernel 2.2.12)/i386: Vulnerable Solaris 2.6/sparc: Okay Cheers, Sean
Current thread:
- [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Marc SPARC (Sep 23)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Tymm Twillman (Sep 26)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Solar Designer (Sep 27)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Sep 27)
- ufsdump problem under Solaris 2.6 with ufs.c posix (Sep 27)
- Re: ufsdump problem under Solaris 2.6 with ufs.c Carson Gaspar (Sep 29)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Sean-Paul Rees (Sep 27)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Valdis.Kletnieks () VT EDU (Sep 27)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Alan Cox (Sep 28)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Mike Iglesias (Sep 28)
- Team Asylum: iHTML Merchant Vulnerabilities Team Asylum (Sep 28)
- Team Asylum: Yahoo! Messenger DoS Team Asylum (Sep 28)
- Sun's TTSESSION Vulnerability Bauer, Rich (Sep 29)
- Re: Sun's TTSESSION Vulnerability Richard L. Goerwitz (Sep 29)
- WWWBoard Elias Levy (Sep 29)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Sylvain Robitaille (Sep 29)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Dan Astoorian (Sep 29)
- ufsdump problem under Solaris 2.6 with ufs.c posix (Sep 27)
(Thread continues...)
- Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy] Tymm Twillman (Sep 26)