Vulnerability Development mailing list archives

Re: SSH2 Exploit?

From: Sten <sten () blinkenlights nl>
Date: Wed, 27 Feb 2002 22:04:26 +0100 (CET)

On Tue, 26 Feb 2002, John Compton wrote:

[root@testbox ]# ./sshex

7350ylonen - x86 ssh2 <= 3.1.0 exploit
dream team teso
usage: 7350ylonen [-hd] <-p port> <-t target> <-d packet_delay> host

It tries to connect to port 22 when I target localhost, but I can't tell if
sshd is crashing or not as I can't use gdb to attach to the process in time.
  The only SSH vulnerabilities I could find affected SSH1 servers, or
OpenSSH.  Has anyone else found this exploit on their systems or know
something about it?


I can confirm that this is circulating, it seems to only
affect the commercial SSH.com code, which limits the impact
somewhat, because most opensource os's use openssh instead.

-- 
Sten Spans

  "What does one do with ones money,
   when there is no more empty rackspace ?"

Current thread:

SSH2 Exploit? John Compton (Feb 26)
- Re: SSH2 Exploit? Teodor Cimpoesu (Feb 27)
- Re: SSH2 Exploit? Sten (Feb 27)
- Re: SSH2 Exploit? Ron DuFresne (Feb 27)