Full Disclosure mailing list archives
Re: SSH Exploit Request
From: "Jonathan A. Zdziarski" <jonathan () nuclearelephant com>
Date: Sun, 16 Nov 2003 18:10:37 -0500
`As do I. Maybe I've just been reading comp.risks for too many years, but what I objected to was the "it's *perfectly* safe..." attitude that some were projecting. The older readers on this list probably remember a movie trailer with the line "and nothing can possibly go wrong.. go wrong.. go wrong.. go wrong...."
I think it was around version 3.0.1 where the bright folks working on the ssh project released a version where you could log in as any user by providing any password of two characters in length...which was either extremely stupid or extremely intentional. Don't let anyone ever make you feel paranoid. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- IE Vulnerability Sites, (continued)
- IE Vulnerability Sites Edward W. Ray (Nov 14)
- Re: SSH Exploit Request Peter Moody (Nov 14)
- Re: SSH Exploit Request Chris Watson (Nov 14)
- Re: SSH Exploit Request Gregory A. Gilliss (Nov 14)
- Re: SSH Exploit Request Bryan Allen (Nov 15)
- Re: SSH Exploit Request Valdis . Kletnieks (Nov 15)
- Re: SSH Exploit Request Vladimir Parkhaev (Nov 15)
- Re: SSH Exploit Request Valdis . Kletnieks (Nov 15)
- Re: SSH Exploit Request Vladimir Parkhaev (Nov 16)
- Re: SSH Exploit Request Valdis . Kletnieks (Nov 16)
- Re: SSH Exploit Request Jonathan A. Zdziarski (Nov 16)
- spoofing sir kaber (Nov 16)
- Re: SSH Exploit Request Ron DuFresne (Nov 16)
- Re: SSH Exploit Request KF (Nov 14)
- Re: SSH Exploit Request Jeremiah Cornelius (Nov 13)
- Re: SSH Exploit Request Adam (Nov 13)
- Re: SSH Exploit Request Ron DuFresne (Nov 13)
- Re: SSH Exploit Request Florian Weimer (Nov 13)
- Re: SSH Exploit Request Damian Gerow (Nov 13)