Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

OpenSSH Vulnerability

From: Rodrigo Matuck <rodrigomatuck () globo com>
Date: Tue, 28 Jul 2009 02:11:50 -0300
Hi everybody

I'm doing a pentest - blackbox. I found a old version of openssh
running on the target. The vulnerability is:

Portable OpenSSH GSSAPI Remote Code Execution Vulnerability -
http://www.securityfocus.com/bid/20241

However i can't find a PoC. Someone can help me ?

p.s: i know that scanner results is enough, however i really need proof this.

Regards,

Rodrigo M. Roque
Security Analyst - Penetration Tester

------------------------------------------------------------------------
This list is sponsored by: Information Assurance Certification Review Board

Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT 
and CEPT certs require a full practical examination in order to become certified. 

http://www.iacertification.org
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: