Penetration Testing mailing list archives
Re: OpenSSH 3.5p1
From: H D Moore <sflist () digitaloffense net>
Date: Thu, 12 Jan 2006 15:37:20 -0600
Most systems running that version of OpenSSH are still using an exploitable version of the 'zlib' library. Technically, you can trigger the zlib bug prior to authentication (protocol 2, MSG_IGNORE requests), but getting a shell out of it seems difficult. -HD On Wednesday 11 January 2006 16:50, Farz Hem wrote:
Is there any problem with 3.5p1 that can actually be exploited? I want to but all the supposed exploits with this version that I can find are "rumored," so my boss doesn't want me to touch the servers unless there actually is a possibility of security breaching. If there is one, please send maybe a proof of concept or an explanation.
------------------------------------------------------------------------------ Audit your website security with Acunetix Web Vulnerability Scanner: Hackers are concentrating their efforts on attacking applications on your website. Up to 75% of cyber attacks are launched on shopping carts, forms, login pages, dynamic content etc. Firewalls, SSL and locked-down servers are futile against web application hacking. Check your website for vulnerabilities to SQL injection, Cross site scripting and other web attacks before hackers do! Download Trial at: http://www.securityfocus.com/sponsor/pen-test_050831 -------------------------------------------------------------------------------
Current thread:
- OpenSSH 3.5p1 Farz Hem (Jan 11)
- Re: OpenSSH 3.5p1 Valarie and Nick Schmidt (Jan 12)
- Re: OpenSSH 3.5p1 H D Moore (Jan 13)