[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] new ssh exploit?

To: "phlox" <phlox@xxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] new ssh exploit?
From: Andreas Gietl <a.gietl@xxxxxxxxxx>
Date: Tue, 16 Sep 2003 14:58:12 +0200

On Monday 15 September 2003 22:45, phlox wrote:

does privilege separation prevent the bug from being exploited?


> yes there is a vuln for 3.6p1.
> I believe there is a patch for buffer.c, dont know if its publicly
> available?
>
> -phlox
>
> ----- Original Message -----
> From: "christopher neitzert" <chris@xxxxxxxxxxxx>
> To: <full-disclosure@xxxxxxxxxxxxxxxx>
> Sent: Monday, September 15, 2003 9:02 AM
> Subject: [Full-Disclosure] new ssh exploit?
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 
e-admin internet gmbh
Andreas Gietl                                            tel +49 941 3810884
Ludwig-Thoma-Strasse 35                      fax +49 (0)1805/39160 - 29104
93051 Regensburg                                  mobil +49 171 6070008

PGP/GPG-Key unter http://www.e-admin.de/gpg.html




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] new ssh exploit?
  - From: Florian Weimer

References:
- [Full-Disclosure] new ssh exploit?
  - From: christopher neitzert
- Re: [Full-Disclosure] new ssh exploit?
  - From: phlox

Prev by Date: Re: [Full-Disclosure] VBScript/JScript.Encode Decoder
Next by Date: Re: [Full-Disclosure] openssh remote exploit
Previous by thread: Re: [Full-Disclosure] new ssh exploit?
Next by thread: Re: [Full-Disclosure] new ssh exploit?
Index(es):
- Date
- Thread