Full Disclosure mailing list archives

Re: new ssh exploit?

From: Andreas Gietl <a.gietl () e-admin de>
Date: Tue, 16 Sep 2003 14:58:12 +0200

On Monday 15 September 2003 22:45, phlox wrote:

does privilege separation prevent the bug from being exploited?

yes there is a vuln for 3.6p1.
I believe there is a patch for buffer.c, dont know if its publicly
available?

-phlox

----- Original Message -----
From: "christopher neitzert" <chris () neitzert com>
To: <full-disclosure () lists netsys com>
Sent: Monday, September 15, 2003 9:02 AM
Subject: [Full-disclosure] new ssh exploit?

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


-- 
e-admin internet gmbh
Andreas Gietl                                            tel +49 941 3810884
Ludwig-Thoma-Strasse 35                      fax +49 (0)1805/39160 - 29104
93051 Regensburg                                  mobil +49 171 6070008

PGP/GPG-Key unter http://www.e-admin.de/gpg.html




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

new ssh exploit? christopher neitzert (Sep 15)
- Re: new ssh exploit? security snot (Sep 15)
- Re: new ssh exploit? phlox (Sep 15)
  - Re: new ssh exploit? Andreas Gietl (Sep 16)
    - Re: new ssh exploit? Florian Weimer (Sep 16)
    - Re: new ssh exploit? Michael 'Moose' Dinn (Sep 16)
    - RE: new ssh exploit? Aditya (Sep 17)
    - Re: new ssh exploit? Cael Abal (Sep 17)
- Re: new ssh exploit? christopher neitzert (Sep 15)
  - Re: new ssh exploit? Adam Shostack (Sep 15)
    - Re: new ssh exploit? Justin Kreger (Sep 15)
    - Re: new ssh exploit? Ron DuFresne (Sep 16)
    - Re: new ssh exploit? Jonathan A. Zdziarski (Sep 16)
    - Re: new ssh exploit? Valdis . Kletnieks (Sep 17)

(Thread continues...)