[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OpenSSH: What went wrong?

To: misc_(_at_)_openbsd_(_dot_)_org
Subject: Re: OpenSSH: What went wrong?
From: Philipp Buehler <OpenBSD_(_at_)_fips_(_dot_)_de>
Date: Sat, 29 Jun 2002 15:20:35 +0200
Mail-followup-to: misc_(_at_)_openbsd_(_dot_)_org
Reply-to: Philipp Buehler <OpenBSD_(_at_)_fips_(_dot_)_de>

On 29/06/2002, Darren Reed <avalon_(_at_)_coombs_(_dot_)_anu_(_dot_)_edu_(_dot_)_au> wrote Cc misc_(_at_)_openbsd_(_dot_)_org:
> > http://www.securitybugware.org/mUNIXes/4323.html
> 
> At the time that was reported, fragrouter had to be modified to
> exploit the problem.

At the time the OpenSSH problem was "reported", an exploit has
yet to been written. Point being?

> That bug got fixed and as part of IPFilter, there's a regression test,
> f13, to make sure it never, accidently, resurfaces.

I am not impressed.

This bug slipped through your maybe existing auditing. Case closed.

As I said, pick your own nose.

No more talk needed.

ciao
-- 
Philipp Buehler, aka fips | sysfive.com GmbH | BOfH | NUCH | <double-p> 

#1: Break the clue barrier!
#2: Already had buzzword confuseritis ?

References:
- Re: OpenSSH: What went wrong?
  - From: Philipp Buehler

Prev by Date: OpenSSH: What went right?
Next by Date: Re: -current "sane to try" yet?
Previous by thread: Re: OpenSSH: What went wrong?
Next by thread: Re: OpenSSH: What went wrong?
Index(es):
- Date
- Thread

Visit your host, monkey.org