[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Re: new openssh exploit in the wild! *isFAKE AS SH@!*
- To: "Full Disclosure" <full-disclosure@xxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Re: new openssh exploit in the wild! *isFAKE AS SH@!*
- From: "Schmehl, Paul L" <pauls@xxxxxxxxxxxx>
- Date: Fri, 19 Sep 2003 09:32:41 -0500
> -----Original Message-----
> From: Adam Balogh [mailto:adam@xxxxxxxxxxx]
> Sent: Friday, September 19, 2003 7:59 AM
> To: Full Disclosure
> Subject: Re: [Full-Disclosure] Re: new openssh exploit in the
> wild! *isFAKE AS SH@!*
>
>
> Probably a scriptkiddie or some random idiot. The fun part
> was it came up totally different offsets then i mean TOTALLY
> different each time you ran it and if you gave it a offset it
> would "work" no matter what. For those people who ran it..
> change all your
> passwords. :)
Why bother? If you were stupid enough to run that obvious piece of
crap, changing your password is the least of your worries. (In fact, if
you run *anything* that's posted here without first checking it out
thoroughly or if you don't understand code at all, you might as well run
up the white flag right now.)
Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
The University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/~pauls/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html