Full Disclosure mailing list archives
Re: [Rumor] SSH 0-day
From: Charles Majola <charles.lists () gmail com>
Date: Thu, 9 Jul 2009 17:11:08 +0200
From the LWN article (OpenSSH maintainer Damien Miller), its probably
not real, well just have to wait and see On Thu, Jul 9, 2009 at 4:55 PM, James Matthews <nytrokiss () gmail com> wrote:
I am worried that if it is an OpenSSH 0day how much damage should I expect. However SANS doesn't seem to think it's real. James On Thu, Jul 9, 2009 at 12:46 PM, Kaspar Mendev <kaspar.m () gmx com> wrote:See also their update http://isc.sans.org/diary.html?storyid=6760 Though like frank^2 says, we'll see what we'll see. ----- Original Message ----- From: frank^2 Sent: 07/09/09 01:09 am To: Anderson Kaiser Subject: Re: [Full-disclosure] [Rumor] SSH 0-day On Wed, Jul 8, 2009 at 1:58 PM, Anderson Kaiser wrote:2009/7/8 Martin Spinassi :Hi list, I've been reading around (openssh mailing list, some forums, etc.) a rumor about a 0-day exploit in openssh. Does anybody knows if there is *really* something like this in the wild? Cheers MartinThis attack sounds more like a brute-force attack than a 0-day. You can see it in the original post.There's also the ominous anonymous comment left by a fellow on a blog: http://isc.sans.org/diary.html?storyid=6742 The significant stuff: "Expect the SSH exploit to be made public before BH/DC. I have proof that I can't share (sorry), that this exploit does exist, does not work against current versions of SSH, and is actively being used by members of the anti-sec movement." Signs seem to be pointing to hoax, old exploit or non-exploit, though. Unfortunately there's really not quite enough information to make an assessment yet, IMHO. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/-- http://www.goldwatches.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- [Rumor] SSH 0-day Martin Spinassi (Jul 08)
- Re: [Rumor] SSH 0-day Ben Rosenberg (Jul 08)
- Re: [Rumor] SSH 0-day Anderson Kaiser (Jul 08)
- Re: [Rumor] SSH 0-day frank^2 (Jul 08)
- <Possible follow-ups>
- Re: [Rumor] SSH 0-day Kaspar Mendev (Jul 09)
- Re: [Rumor] SSH 0-day James Matthews (Jul 09)
- Re: [Rumor] SSH 0-day Charles Majola (Jul 09)
- Re: [Rumor] SSH 0-day Kevin Wilcox (Jul 09)
- [Rumor] SSH 0-day Kevin Wilcox (Jul 09)
- Re: [Rumor] SSH 0-day James Matthews (Jul 09)