[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] openssh remote exploit

To: Darren Reed <avalon@xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Full-Disclosure] openssh remote exploit
From: petard <petard@xxxxxxxxxxxxxxxx>
Date: Wed, 17 Sep 2003 13:24:43 +0000

On Wed, Sep 17, 2003 at 06:49:30AM +1000, Darren Reed wrote:
> > Do you have any knowledge of a working exploit against OpenBSD?
> 
> No.  Does a vulnerability need an exploit before it becomes a hole ?
No. A bug needs to be exploitable before it's a vulnerability, and on
OpenBSD so far, I've not seen any evidence that this is exploitable.

An exploit would certainly constitute such evidence. Have you seen anything
that indicates this bug is exploitable?

Regards,

petard

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- [Full-Disclosure] Re: openssh remote exploit
  - From: Richard Johnson
- Re: [Full-Disclosure] openssh remote exploit
  - From: Shawn McMahon

References:
- Re: [Full-Disclosure] openssh remote exploit
  - From: petard
- Re: [Full-Disclosure] openssh remote exploit
  - From: Darren Reed

Prev by Date: Re: [Full-Disclosure] Verisign abusing .COM/.NET monopoly, BIND releases new
Next by Date: [Full-Disclosure] Windows URG mystery solved!
Previous by thread: [Full-Disclosure] Re: openssh remote exploit
Next by thread: [Full-Disclosure] Re: openssh remote exploit
Index(es):
- Date
- Thread