Penetration Testing mailing list archives
SSH 4.3 dos question
From: "Francois Yang" <francois.y () gmail com>
Date: Thu, 22 Feb 2007 10:45:43 -0600
I'm evaluating a friends server and I noticed that he had a vulnerable version of SSH. Nmap result; 22/tcp open ssh OpenSSH 4.3 (protocol 1.99) According to security focus it is vulnerable to a DOS attack. http://www.securityfocus.com/bid/20216/info cve - CVE-2006-4924 When I run the script from millw0rm which is suppose to cause the DOS nothing happens. The scripts runs fine saying that it worked, but the server doesn't seem to be affected. http://milw0rm.com/exploits/2444 Any ideas? thanks. -- If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology. Bruce Schneier ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
Current thread:
- SSH 4.3 dos question Francois Yang (Feb 23)
- Re: SSH 4.3 dos question M . B . Jr . (Feb 25)
- <Possible follow-ups>
- Re: SSH 4.3 dos question earle . david (Feb 25)