lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.GSO.4.44.0310130852270.18763-100000@saga7.Stanford.EDU>
From: tedu at stanford.edu (Ted Unangst)
Subject: openssh exploit code?

On Mon, 13 Oct 2003, security snot wrote:

> ISS' X-Forces claim to have created a working proof-of-concept code for
> the bug.  Are you calling those respectable young men and woman liars?  Or

Can you provide a reference please?
The latest advisory on their web page says
"... the possibility for remote code execution is yet
unproven. There are unconfirmed rumors that there is an exploit in the
wild for this vulnerability."
and
"Details of this vulnerability have been discussed in public forums and
there are rumors of compromises in the wild. These rumors are
unsubstantiated as of the publication time of this advisory."



-- 
"I am clearly more popular than Reagan.  I am in my third term.
Where's Reagan?  Gone after two!  Defeated by George Bush and
Michael Dukakis no less."
      - M. Barry, Mayor of Washington, DC


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ