Vulnerability Development mailing list archives

Administrivia #14318


From: Blue Boar <BlueBoar () thievco com>
Date: Mon, 04 Mar 2002 13:14:43 -0800

OK, I'm back from my trip.  I apologize, I ended up with even less
Internet access for the latter half than I thought I would.  I've
just approved the batch of messages I had waiting.  I've dropped
most of the rumor thread regarding qmail and SSH2.  I guess the
Apache rumor was successful (sort of; it was a PHP bug.)  I've
got a copy of the exploit in the wild, and just approved what
claims to be a different exploit (again, don't run any code
from here without checking.)  I don't know whether I will
be able to provide copies of the binary exploit yet.  It
was made up to some degree to look like a TESO exploit, but
there is also evidence to indicate it is not.  I don't
suppose the actual author would care to go ahead and post the 
source and take credit now?  Since many people now have copies,
IDS rules exist, the bug is in the open, etc...  AFAIK, there
is no legal problem with privately researching a hole, producing
an exploit, and sharing it with friends.  

Unless someone has actual evidence of the SSH2 and/or qmail
exploits, I'll consider those dead topics.  Even if you were
personally r00ted by such, unless you've got a packet capture
or something, it does us no good.  

                                        BB

