Vulnerability Development mailing list archives

Re: ssh-1.2.27 remote buffer overflow - exploitable -- OFF TOPIC

From: bsmargiassi () SKYWEB NET (Bill Smargiassi)
Date: Tue, 9 Nov 1999 11:39:15 -0500


----- Original Message -----
From: Frank <foofc7ca () SOFTHOME NET>

This is submitted to the Freebsd bug tracking system, although there are

doubtless other vendors who leave this package, despite the existence of the
ssh-2.X.

ssh 1.x is usually used because neither 1.x or 2.x are really free software,
but 1.x's license at least allows for non-commercial use in a commercial
setting. The 2.x license states that any use in a commercial setting
requires purchasing a $500 license. Hence the lsh and OpenSSH projects. This
will probably keep 2.x from ever really catching on outside universities.

bill

Current thread:

ssh-1.2.27 remote buffer overflow - exploitable Frank (Nov 08)
- Re: ssh-1.2.27 remote buffer overflow - exploitable Jochen Bauer (Nov 09)
- Re: ssh-1.2.27 remote buffer overflow - exploitable Daniel Jacobowitz (Nov 09)
  - Re: ssh-1.2.27 remote buffer overflow - exploitable Markus Friedl (Nov 11)
  - [Fwd: [Fwd: ICQ 2000 trojan/worm (VD#5)]] Blue Boar (Nov 13)
- Re: ssh-1.2.27 remote buffer overflow - exploitable Daniel Jacobowitz (Nov 09)
- Re: ssh-1.2.27 remote buffer overflow - exploitable -- OFF TOPIC Bill Smargiassi (Nov 09)
- thttpd 2.04 stack overflow D. J. Bernstein (Nov 09)