Full Disclosure mailing list archives

Re: The lowdown on SSH vulnerability


From: Carl Livitt <carl () learningshophull co uk>
Date: Tue, 16 Sep 2003 13:09:18 +0000


There _is_ a patch:

http://www.freebsd.org/cgi/cvsweb.cgi/src/crypto/openssh/buffer.c.diff?r1=1.1.1.6&r2=1.1.1.7&f=h

Carl.

On Tuesday 16 September 2003 12:25, Carl Livitt wrote:
Straight from the horse's mouth, this is a snippet of an email conversation
I just had with Theo de Raadt:

--------------
Theo,

Is there a patch available to patch the off-by-one that has been reported
in OpenSSH ?  As it is being actively exploited in the wild, I would like
to patch my servers ASAP (as you can probably imagine).

Thank you for taking the time to read - and hopefully respond to - this
email.

Kind regards,

Carl
---------------

A flamefest ensued, but his answer was:

Bugger off, wait like the rest of the planet.

-------------

After more flaming abuse, I received this from him:

I have been spending the last 10 days making openbsd releases for
about 14-15 hours a day for people to use
We've been spending hours and hours making openssh release
We are dealing with an, as far as we know, unexploitable hole
(affects some systems, but not openbsd it is pretty clear) issue
for all of you who run other system
we've been dealing with this frantically
to make something that the internet relies on as good
as good as it possibly can be
no sleep for 30 hours
and you expect me to treat you special?

AND YOU EXPECT ME TO TREAT YOU SPECIAL?

AND YOU THINK THAT PASTING THAT TO SOME IRC CHANNEL MAKES YOU LOOK
RIGHT?

and you think that you pasting it to some icb channel makes me feel
worth less, when every single hp and cisco switch containing this code
is likely vulnerable, and i don't like that, and want to make the
world a better place even if it kills me due to stress and lack of
sleep because i think that a better world is a better place to live
my life?


The main point is that "every single hp and cisco switch containing this
code is likely vulnerable". Oh dear, this could get nasty... batten down the
hatches...

Poor Theo, he needs his rest.

Carl.

Carl.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

-- 
Carl Livitt
IT Manager
Changes - The Learning Shop
Suite 16, Friary Chambers
Whitefriargate
Hull, HU1 2HA

Tel. (01482) 211758
Fax. (01482) 211012
Email. carl () learningshophull co uk

