Vulnerability Development mailing list archives
Re: OpenSSH Vulnerability
From: weigelt () metux de
Date: Thu, 18 Sep 2003 20:57:06 +0200
On Thu, Sep 18, 2003 at 11:35:21AM -0700, Alexander E. Cuttergo wrote: <snip>
It would be easier to exploit out-of-memory condition. But it requires additional bug to consume all memory on an attacked host. By default, sshd allows only 10 unauthenticated sessions, so by sshd you can only consume ca 20MBx10=200MB, which is not enough.
Is it also true when running sshd by inetd (-i) ? cu -- --------------------------------------------------------------------- Enrico Weigelt == metux IT services phone: +49 36207 519931 www: http://www.metux.de/ fax: +49 36207 519932 email: contact () metux de cellphone: +49 174 7066481 --------------------------------------------------------------------- Diese Mail wurde mit UUCP versandt. http://www.metux.de/uucp/
Current thread:
- OpenSSH Vulnerability Adam Gilmore (Sep 18)
- <Possible follow-ups>
- Re: OpenSSH Vulnerability Alexander E. Cuttergo (Sep 18)
- Re: OpenSSH Vulnerability weigelt (Sep 18)
- Re: OpenSSH Vulnerability Ryan Veety (Sep 18)
- Re: OpenSSH Vulnerability Adam (Sep 19)