RE: Re: new openssh exploit in the wild! *isFAKE AS SH@!*

[Adam Balogh <adam () vattnet net>]

Adam wrote:
> Probably a scriptkiddie or some random idiot. The fun part 
> was it came up totally different offsets then i mean TOTALLY 
> different each time you ran it and if you gave it a offset it 
> would "work" no matter what. For those people who ran it.. 
> change all your 
> passwords. :)

Paul Schmehl wrote:
> Why bother?  If you were stupid enough to run that obvious piece of
> crap, changing your password is the least of your worries.  (In fact, if
> you run *anything* that's posted here without first checking it out
> thoroughly or if you don't understand code at all, you might as well run
> up the white flag right now.)

First of all we didnt run it without checking what is was. And my change
your password comment was directed to those ppl who ran it without
knowing what it was. Which i indeed knew and therefor ran it on a
isolated labmachine. So i dont know to whom your unneccesary commentary
was directed to?

/Adam


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html