lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <200309191257.31019.haggis@haggis.kicks-ass.net> From: haggis at learningshophull.co.uk (Haggis) Subject: Remote root in LSH After reading about a theoretical remote hole in OpenSSH and many detractors smugly saying that they weren't vulnerable because they run LSH (a free alternative), I'd like to present a working remote root exploit against LSH version 1.4.x. Enjoy. -------------- next part -------------- A non-text attachment was scrubbed... Name: lsh_exploit.c Type: text/x-csrc Size: 7444 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030919/bcb91580/lsh_exploit.bin