Bugtraq mailing list archives
Re: SSH-1.2.27 & RSAREF2 exploit
From: speed () LINUX DPILINK COM (Speed)
Date: Wed, 15 Dec 1999 16:07:11 -0500
However, don't be complacent because this particular exploit is not Kid Tested. A quite functional exploit of this vulnerability has been around since at least 1998 (and that is only to my knowledge). Moral of the story: patch your system or get rid of sshd 1.2.2x On Tue, 14 Dec 1999, [iso-8859-1] Iván Arce wrote:
The exploit is more or less "script-kid-proof" since if it doesnt work a bit of debugging, coding and probably crypto skills are needed to make it work.
Current thread:
- Re-release of Microsoft Security Bulletin MS99-046, (continued)
- Re-release of Microsoft Security Bulletin MS99-046 Microsoft Product Security (Dec 23)
- BUG? Non-root user can configure traffic shaper (2.2.13) (fwd) Yuri Kuzmenko (Dec 24)
- RealMedia Server 5.0 Crasher (rmscrash.c) bow (Dec 22)
- Re: procmail / Sendmail - five bugs Casper Dik (Dec 23)
- Re: SSH-1.2.27 & RSAREF2 exploit Wakko Ellington Warner-Warner III (Dec 15)
- Recent postings about SCO UnixWare 7 Andrew Malcolm (Dec 15)
- Re: SSH-1.2.27 & RSAREF2 exploit Iván Arce (Dec 15)
- Oops, my apologies. Wakko Ellington Warner-Warner III (Dec 15)
- IRCnet IRCD 2.0x Reboot Bug A Bloke (Dec 15)
- Re: IRCnet IRCD 2.0x Reboot Bug Matus \ (Dec 15)
- Re: SSH-1.2.27 & RSAREF2 exploit Speed (Dec 15)
- Security Vulnerability in VVOS TGP Aleph One (Dec 14)
- CERT Advisory CA-99.15 - Buffer Overflows in SSH Daemon and RSAREF2 Library Aleph One (Dec 14)