[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] openssh remote exploit

To: petard@xxxxxxxxxxxxxxxx (petard)
Subject: Re: [Full-Disclosure] openssh remote exploit
From: Darren Reed <avalon@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 17 Sep 2003 06:49:30 +1000 (Australia/ACT)

In some mail from petard, sie said:
> 
> On Wed, Sep 17, 2003 at 02:41:16AM +1000, Darren Reed wrote:
> DR:> In some mail from auto64746@xxxxxxxxxxxx, sie said:
> [Offtopic] Really, must we politicise everything?! It is 
> more informative and equally gender-neutral to state:
> "On <timestamp>, <sender's name/address> wrote:"

I've been using "sie" for more likely longer than you have been using
the Internet so :-P

> [/Offtopic]
> 
> DR:> And  I'm sure this will manage to be another remote exploit that
> DR:> the OpenBSD team will find a way to not count on their front page.
> 
> As far as I can tell, this is another remote exploit that the OpenBSD
> team should not count on their front page. It does not appear to be 
> exploitable on OpenBSD in any configuration I have here, and no one
> I've been in communication with has seen any OBSD boxes compromised.
> 
> Do you have any knowledge of a working exploit against OpenBSD?

No.  Does a vulnerability need an exploit before it becomes a hole ?

Darren

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] openssh remote exploit
  - From: Blue Boar
- Re: [Full-Disclosure] openssh remote exploit
  - From: petard

References:
- Re: [Full-Disclosure] openssh remote exploit
  - From: petard

Prev by Date: Re: [Full-Disclosure] new ssh exploit?
Next by Date: Re: [Full-Disclosure] iDEFENSE Security Advisory 09.16.03: Remote Root Exploitation of Default Solaris sadmind Setting
Previous by thread: Re: [Full-Disclosure] openssh remote exploit
Next by thread: Re: [Full-Disclosure] openssh remote exploit
Index(es):
- Date
- Thread