[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenSSH: What went wrong?



On 29/06/2002, Darren Reed <avalon_(_at_)_coombs_(_dot_)_anu_(_dot_)_edu_(_dot_)_au> wrote Cc misc_(_at_)_openbsd_(_dot_)_org:
> > http://www.securitybugware.org/mUNIXes/4323.html
> 
> At the time that was reported, fragrouter had to be modified to
> exploit the problem.

At the time the OpenSSH problem was "reported", an exploit has
yet to been written. Point being?

> That bug got fixed and as part of IPFilter, there's a regression test,
> f13, to make sure it never, accidently, resurfaces.

I am not impressed.

This bug slipped through your maybe existing auditing. Case closed.

As I said, pick your own nose.

No more talk needed.

ciao
-- 
Philipp Buehler, aka fips | sysfive.com GmbH | BOfH | NUCH | <double-p> 

#1: Break the clue barrier!
#2: Already had buzzword confuseritis ? 



Visit your host, monkey.org