Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

** OFFTOPIC ** OpenSSH again - not really.

From: "Kurt Seifried" <listuser () seifried org>
Date: Wed, 24 Sep 2003 16:50:55 -0600
I might point out something: If someone could actually show me exploit code
for this flaw I'd love to see it. Heck, if you could point out some decent
evidence one person was compromised via this flaw (a packet trace, forensics
on a compromised system, anything) I'd love to see that too. I'm not saying
it won't happen, I do however stand by my "won't worry much" statement. So
far I have seen no hard (or even soft, or squishy) evidence of this flaw
being exploited.

As for the rest of the rant, I didn't bother to read it. I find the complete
lack of professionalism by Security Snot so utterly tiring and useless.

Apologies to the people CC'ed on this reply, I'm not sure why Security Snot
CC'ed you, and to be honest I'm not sure why I am CC'ing you either.

Apologies to list readers, this is off topic, mea culpa.

P.S. If anyone has any evidence at all this thing is being exploited, please
let the list know. Now that would actually be worth reading.

Kurt Seifried, kurt () seifried org
A15B BEE5 B391 B9AD B0EF
AEB0 AD63 0B4E AD56 E574
http://seifried.org/security/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: