In some mail from christopher neitzert, sie said: > > Does anyone know of or have source related to a new, and unpublished ssh > exploit? An ISP I work with has filtered all SSH connections due to > several root level incidents involving ssh. Any information is > appreciated.
I wonder if this is in any way related to an incident I heard about on efnet's #openbsd where someone at a european con (hack the planet?) mentioned that details of a new openssh exploit had been taped to the openbsd tent (on the outside) whilst all the openbsd ppl were inside, drunk? I suppose if there is any merit to that story (and I'd rank it as no more than heresay myself, but it does paint a good picture of college level kids :) and it was details of some new vulnerability for which there is an exploit then it has been around for a while...assuming, of course, it is the same "bug". Still, as far as stories go, I like it :) My $0.02 worth :) Darren _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html