Full Disclosure mailing list archives
Re: OpenSSH - is X-Force really behind this?
From: Valdis.Kletnieks () vt edu
Date: Mon, 22 Sep 2003 11:31:03 -0400
On Mon, 22 Sep 2003 12:06:03 +0200, Michal Zalewski said:
...why would there be any exploits in the wild if they have indeed discovered the flaw on their own? Though I'm trying really hard, I can't read "we discovered a flaw" as "we have overheard about a flaw" or "we are aware of a flaw".
Charles Darwin and Alfred Wallace independently came up with the concept of natural selection. Remember - it's open source, it isn't like the ISS X-Force guys sprinkled magic exploit dust on a printout and the flaw was revealed to them alone. More likely, they found the bug, and then realized that if they could find it, a black hat with an unpublished exploit could have found it too.
Attachment:
_bin
Description:
Current thread:
- OpenSSH - is X-Force really behind this? Michal Zalewski (Sep 22)
- Re: OpenSSH - is X-Force really behind this? Valdis . Kletnieks (Sep 22)
- Re: OpenSSH - is X-Force really behind this? Michal Zalewski (Sep 22)
- Re: OpenSSH - is X-Force really behind this? Eric Rescorla (Sep 29)
- Re: OpenSSH - is X-Force really behind this? Michal Zalewski (Sep 22)
- <Possible follow-ups>
- Re: OpenSSH - is X-Force really behind this? Steven M. Christey (Sep 22)
- Re: OpenSSH - is X-Force really behind this? Valdis . Kletnieks (Sep 22)