Bugtraq mailing list archives
Re: rssh security announcement
From: Derek Martin <code () pizzashack org>
Date: Wed, 9 May 2012 12:36:58 -0500
On Tue, May 08, 2012 at 08:50:11PM -0400, Nico Kadel-Garcia wrote:
Is it still a problem with OpenSSH version 6, which was recently published?
Yes. The flaw is in how rssh parses command lines, irrespective of what SSH implementation is used. I've been a bit vague about the details for the moment; I'm hoping that the announcement will generate some interest in taking over the maintenance of the project. I'd like to have some sense of what will happen next before the full details are disclosed. If someone wants to step forward, it would be good to give them a chance to fix it before that happens. -- Derek D. Martin http://www.pizzashack.org/ GPG Key ID: 0x81CFE75D
Attachment:
_bin
Description:
Current thread:
- rssh security announcement Derek Martin (May 09)
- Re: rssh security announcement Derek Martin (May 10)
- Message not available
- Re: rssh security announcement Derek Martin (May 10)
- Message not available
- Re: rssh security announcement Derek Martin (May 10)
- Re: rssh security announcement Derek Martin (May 15)