Full Disclosure mailing list archives
Re: No Subject (re: openssh exploit code?)
From: "Anders B Jansson" <hdw () kallisti se>
Date: Tue, 21 Oct 2003 12:38:37 +0200
There's two sets of bad attitude going round and round in this thread. Heating the debate to pure sillyness. One shown by the parties that understand how a buffer overflow with only zeroes can be exploited, but who until today have refused to even mention the theory behind it. Resorting to "if you don't understand this just shut up and patch your system". The other shown by the parties who don't understand how a buffer overflow with only zeroes can be exploited, and taken the position of "if I can't understand it, it can't exist". Today we've got the explaination. Now even I understand how this could be exploited. <<snip>>
Fact remains that exploiting this issue requires creativity beyond the pre-chewed papers. And that's why you're not seeing the regular array of mediocre "hackers" producing exploit code. I'd like to think that anyone who was capable of writing this exploit also recognises the potential impact of releasing it.
But the "array of mediocre hackers" also scream wolf quite often, causing admins of 24/365 system to be a bit selective on when to take the system down to patch. And with a weakness/exploit that 99% of even seasoned admins can't figure out how it can be an exploit it's not so hard to understand that several of us say "huh, can anyone explain how this can be an exploit". Badly expressed I'm afraid, coming across as "show me a working exploit and I'll patch, otherwise I'll regard this a a hoax", instead of "can anyone explain, in theory, how this could be exploited". End of thread I hope. // hdw _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- RE: No Subject (re: openssh exploit code?) mitch_hurrison (Oct 20)
- Re: No Subject (re: openssh exploit code?) Gregory A. Gilliss (Oct 20)
- Re: No Subject (re: openssh exploit code?) Paul Schmehl (Oct 20)
- Re: No Subject (re: openssh exploit code?) security snot (Oct 21)
- Re: No Subject (re: openssh exploit code?) John Sage (Oct 21)
- Re: No Subject (re: openssh exploit code?) madsaxon (Oct 21)
- Re: No Subject (re: openssh exploit code?) Paul Schmehl (Oct 20)
- Re: No Subject (re: openssh exploit code?) Gregory A. Gilliss (Oct 20)
- <Possible follow-ups>
- Re: No Subject (re: openssh exploit code?) mitch_hurrison (Oct 21)
- Re: No Subject (re: openssh exploit code?) Anders B Jansson (Oct 21)
- Re: No Subject (re: openssh exploit code?) S . f . Stover (Oct 21)
- Re: No Subject (re: openssh exploit code?) Jason Coombs (Oct 21)
- Re: No Subject (re: openssh exploit code?) morning_wood (Oct 21)
- Re: No Subject (re: openssh exploit code?) Jason Coombs (Oct 21)
- Re: No Subject (re: openssh exploit code?) Valdis . Kletnieks (Oct 21)
- Re: No Subject (re: openssh exploit code?) Peter Busser (Oct 22)
- RE: No Subject (re: openssh exploit code?) Schmehl, Paul L (Oct 21)
- RE: No Subject (re: openssh exploit code?) Schmehl, Paul L (Oct 21)
- RE: No Subject (re: openssh exploit code?) Brent J. Nordquist (Oct 21)
- RE: No Subject (re: openssh exploit code?) mitch_hurrison (Oct 21)