lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: pauls at (Paul Schmehl)
Subject: No Subject (re: openssh exploit code?)

--On Monday, October 20, 2003 5:19 PM -0700 "Gregory A. Gilliss" 
<> wrote:

> Hi,
> Maybe I missed something here...
No, you didn't.

> I'm an assembler jockey from BITD and I know a few things about alloc/
> calloc/malloc and heaps and stacks etc. So what's the key, may I ask,
> to this heap exploit that was the origin of this thread?
You're never going to find that out, Gregory, because mitch, our l33t code 
monkey, is keeping the code to himself.  Now mind you, he *assures* us that 
it's easy to 'sploit, so we're just gonna have to take his word for it.

But you'd better patch now, 'cause he's gunnin' for ya.

Paul Schmehl (
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member

Powered by blists - more mailing lists