Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: openssh exploit code?

From: Ted Unangst <tedu () stanford edu>
Date: Mon, 13 Oct 2003 08:55:29 -0700 (PDT)
On Mon, 13 Oct 2003, security snot wrote:


ISS' X-Forces claim to have created a working proof-of-concept code for
the bug.  Are you calling those respectable young men and woman liars?  Or


Can you provide a reference please?
The latest advisory on their web page says
"... the possibility for remote code execution is yet
unproven. There are unconfirmed rumors that there is an exploit in the
wild for this vulnerability."
and
"Details of this vulnerability have been discussed in public forums and
there are rumors of compromises in the wild. These rumors are
unsubstantiated as of the publication time of this advisory."



-- 
"I am clearly more popular than Reagan.  I am in my third term.
Where's Reagan?  Gone after two!  Defeated by George Bush and
Michael Dukakis no less."
      - M. Barry, Mayor of Washington, DC

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: