Security Incidents mailing list archives
Re: Attacks against SSH?
From: Florian Weimer <Florian.Weimer () RUS Uni-Stuttgart DE>
Date: 04 Dec 2001 16:09:57 +0100
"f.johan.beisser" <jan () caustic org> writes:
the exploit is (supposedly) encrypted, stripped, and for x86 linux. the binary has an md5 checksum of 1309689a9af6b82e11e8dfa5c6282c30. it's ruffly 1.4 megs in size. i've only seen it as "x2".
We've seen a "targets" file accompanying the "x2" file. It lists some offsets, but only for SSH versions which are known to have the CRC32 bug. -- Florian Weimer Florian.Weimer () RUS Uni-Stuttgart DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898 ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- Re: Attacks against SSH?, (continued)
- Re: Attacks against SSH? Dave Dittrich (Dec 04)
- Re: Attacks against SSH? Jason Baker (Dec 04)
- Re: Attacks against SSH? Michal Zalewski (Dec 04)
- Re: Attacks against SSH? Russell Fulton (Dec 04)
- Re: Attacks against SSH? Przemyslaw Frasunek (Dec 05)
- Re: Attacks against SSH? Dave Dittrich (Dec 04)
- Re: Attacks against SSH? f.johan.beisser (Dec 04)
- SSH1 CRC32 Compensation Attacks Armando B. Ortiz (Dec 10)
- Re: SSH1 CRC32 Compensation Attacks Andreas Östling (Dec 10)
- Re: SSH1 CRC32 Compensation Attacks Armando Ortiz (Dec 10)
- Re: Attacks against SSH? Steven S (Dec 03)
- Re: Attacks against SSH? Adam Manock (Dec 04)
- Message not available
- Message not available
- Re: Attacks against SSH? johan . augustsson (Dec 06)
- Re: Attacks against SSH? David Chin (Dec 05)
- Re: Attacks against SSH? Skip Carter (Dec 05)