| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20030919133149.GF544@rahul.net> From: bet at rahul.net (Bennett Todd) Subject: lsh patch (was Re: new ssh exploit?) 2003-09-19T18:48:24 KF: > Well I messed with it a bit more and it seems to consistantly crash in the > following areas... Sorry for not following up sooner and saving you some effort; the author has analyzed this one, posted a patch to lsh-bugs, and is working on new releases that include the patch. I attach the email that went to lsh-bugs. Short version: simple, one line patch, _urgently_ needs to be applied by all users of lsh. -Bennett -------------- next part -------------- An embedded message was scrubbed... From: nisse@...ator.liu.se (Niels =?iso-8859-1?q?M=F6ller?=) Subject: lshd buffer overrun. Possibly remote root compromise. Date: 18 Sep 2003 22:29:03 +0200 Size: 4215 Url: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030919/ebd52cf0/attachment.mht -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030919/ebd52cf0/attachment.bin
Powered by blists - more mailing lists