[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] SSH EXPLOIT IN THE WILD

Subject: RE: [cobalt-users] SSH EXPLOIT IN THE WILD
From: "H.P. Noordam" <bno@xxxxxxxxxxxx>
Date: Tue Sep 16 12:28:00 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

> -----Oorspronkelijk bericht-----
> Van: Cobalt Supply [mailto:cobalt@xxxxxxxxxxxxxxxxx] 
> Verzonden: dinsdag 16 september 2003 19:06
> Aan: cobalt-users@xxxxxxxxxxxxxxx
> Onderwerp: [cobalt-users] SSH EXPLOIT IN THE WILD
> 
> 
> There's a new exploit for SSH in wild. Read more about it at 
> http://slashdot.org/articles/03/09/16/1327248.shtml?tid=126&tid=172
> 
> Affects the latest version of SSH in Debian, BSD and RedHat.
> 
> -----


The freebsd team has released a security warning indicating that the bug
is able to crash the ssh server, but is believed to be unable to execute
code. Does anyone know how the redhat/cobalt version will behave ? 
Crash only, or run code ... 

Bob.



III. Impact

A remote attacker can cause OpenSSH to crash.  The bug is not believed
to be exploitable for code execution on FreeBSD.

Follow-Ups:
- RE: [cobalt-users] SSH EXPLOIT IN THE WILD
  - From: E.B. Dreger

Prev by Date: RE: [cobalt-users] SSH EXPLOIT IN THE WILD
Next by Date: RE: [cobalt-users] SSH EXPLOIT IN THE WILD
Previous by thread: Re: [cobalt-users] openssh hole?
Next by thread: RE: [cobalt-users] SSH EXPLOIT IN THE WILD

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index