lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <871080DEC5874D41B4E3AFC5C400611E03F60B3E@UTDEVS02.campus.ad.utdallas.edu>
From: pauls at utdallas.edu (Schmehl, Paul L)
Subject: Re: new openssh exploit in the wild! *isFAKE AS SH@!*

> -----Original Message-----
> From: Adam Balogh [mailto:adam@...tnet.net] 
> Sent: Friday, September 19, 2003 7:59 AM
> To: Full Disclosure
> Subject: Re: [Full-Disclosure] Re: new openssh exploit in the 
> wild! *isFAKE AS SH@!*
> 
> 
> Probably a scriptkiddie or some random idiot. The fun part 
> was it came up totally different offsets then i mean TOTALLY 
> different each time you ran it and if you gave it a offset it 
> would "work" no matter what. For those people who ran it.. 
> change all your 
> passwords. :)

Why bother?  If you were stupid enough to run that obvious piece of
crap, changing your password is the least of your worries.  (In fact, if
you run *anything* that's posted here without first checking it out
thoroughly or if you don't understand code at all, you might as well run
up the white flag right now.)

Paul Schmehl (pauls@...allas.edu)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/ 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ