[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fwd: ssh-1.2.27 exploit]

Nate Grey [NGDN]
System Administrator
--- Begin Message ---
Jarek Kutylowski wrote:

> I have now worked on the ssh-1.2.27 rsaref buffer overflow and consider
> ssh now as quite immune. It is of course possible to crash sshd, but
> a real attack is, in my opinion, impossible.


We have a working exploit against Linux and OpenBSD, we are waiting for
CERT to publish their advisory.
As soon as that happens, or before if its taking too long, we'll publish the
Since the problem is not being actively exploited (as far as we know), there
didnt seem to be a reason to post the exploit code with our advisory.


"Understanding. A cerebral secretion that enables one having it to know
 a house from a horse by the roof on the house,
 It's nature and laws have been exhaustively expounded by Locke,
 who rode a house, and Kant, who lived in a horse." - Ambrose Bierce

==================[ CORE Seguridad de la Informacion S.A. ]=========
Iván Arce
PGP Fingerprint: C7A8 ED85 8D7B 9ADC 6836  B25D 207B E78E 2AD1 F65A
email   : iarce_(_at_)_core-sdi_(_dot_)_com
Pte. Juan D. Peron 315 Piso 4 UF 17
1038 Capital Federal
Buenos Aires, Argentina.              Tel/Fax : +(54-11) 4331-5402
Casilla de Correos 877 (1000) Correo Central

--- For a personal reply use iarce_(_at_)_core-sdi_(_dot_)_com

--- End Message ---