Full Disclosure mailing list archives
Re: lsh patch (was Re: new ssh exploit?)
From: Carl Livitt <carl () learningshophull co uk>
Date: Fri, 19 Sep 2003 16:54:16 +0000
> I'm *not* going to bet that it isn't exploitable. I'll try to get new releases out within a few days, until then, I recommend that you apply the above patch to lshd and recompile, or disable lshd service.

I would recommend that too. Attached is a revised version of the exploit I posted earlier with a couple more targets... it also works against lsh running 'daemonic', i.e. started as a daemon and not just against lshd running in the foreground. The only caveat is that the exploit must be the first thing to connect to lshd, otherwise the exploit becomes a DoS.

More advanced exploits that work _every_ time should be expected.

Carl.
Attachment: lsh_exploit.c