Full Disclosure mailing list archives
Re: new ssh exploit?
From: Darren Reed <avalon () caligula anu edu au>
Date: Tue, 16 Sep 2003 08:50:54 +1000 (Australia/ACT)
In some mail from christopher neitzert, sie said:
Does anyone know of or have source related to a new, and unpublished ssh exploit? An ISP I work with has filtered all SSH connections due to several root level incidents involving ssh. Any information is appreciated.
I wonder if this is in any way related to an incident I heard about on efnet's #openbsd where someone at a european con (hack the planet?) mentioned that details of a new openssh exploit had been taped to the openbsd tent (on the outside) whilst all the openbsd ppl were inside, drunk? I suppose if there is any merit to that story (and I'd rank it as no more than heresay myself, but it does paint a good picture of college level kids :) and it was details of some new vulnerability for which there is an exploit then it has been around for a while...assuming, of course, it is the same "bug". Still, as far as stories go, I like it :) My $0.02 worth :) Darren _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: new ssh exploit?, (continued)
- Re: new ssh exploit? Bennett Todd (Sep 18)
- Re: new ssh exploit? Damian Gerow (Sep 18)
- Re: new ssh exploit? Perry E. Metzger (Sep 18)
- Re: new ssh exploit? KF (Sep 18)
- Re: new ssh exploit? KF (Sep 18)
- lsh patch (was Re: new ssh exploit?) Bennett Todd (Sep 19)
- Re: lsh patch (was Re: new ssh exploit?) Carl Livitt (Sep 19)
- Re: lsh patch (was Re: new ssh exploit?) Niels Möller (Sep 19)
- Re: new ssh exploit? Shanphen Dawa (Sep 16)