Well, this thread didn't quite go like I had planned. ;-)
I did have someone
contact me off-list and say that he had a vulnerable sshd server that was
owned - he wasn't certain that it was this exploit, but he thought it was (not
sure why - he didn't say). I'm working on getting the trace for
Dearest Sir,
Can you provide any sort of technical argument as to why this bug is not
exploitable? Or are you going to simply stand behind the typical OpenBSD
zealot view and say it can't be exploited, only because there is not
public proof of concept code available?
ISS' X-Forces claim to have
On Mon, Oct 13, 2003 at 12:13:14AM -0700, security snot wrote:
Can you provide any sort of technical argument as to why this bug is not
exploitable?
sure. look what happens:
buffer-alloc += len + 32768;
if (buffer-alloc 0xa0)
fatal(buffer_append_space:
You seriously don't have any idea how, with proper heap manipulation, a
nul overflow can be exploited? You should stick to writing exploitable
code and leave vuln analysis to the real hackers.
Also your arrogance shows in the same flaming fashion as Theo's homosexual
nature throughout your post.
It's pretty clear that you are wasting our time, I will not go down to
the level of personal attacks. come back when you have something to
say.
On Mon, Oct 13, 2003 at 07:09:03AM -0700, security snot wrote:
You seriously don't have any idea how, with proper heap manipulation, a
nul overflow
On Mon, 13 Oct 2003, security snot wrote:
ISS' X-Forces claim to have created a working proof-of-concept code for
the bug. Are you calling those respectable young men and woman liars? Or
Can you provide a reference please?
The latest advisory on their web page says
... the possibility for
Hello Security Snot,
You
probably enjoy the multiple levels of admitted obscurity features (check
the Brad Spengler vs. OpenBSD Team threads just about anywhere, Theo's
quotes on w^x being an obscurity feature to thwart attacks from lesser
skilled attackers - since after all, the lesser
touchy..
On Mon, 13 Oct 2003, Henning Brauer wrote:
Date: Mon, 13 Oct 2003 17:16:10 +0200
From: Henning Brauer [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [Full-Disclosure] openssh exploit code?
It's pretty clear that you are wasting our time, I will not go down to
the level
On Mon, Oct 13, 2003 at 12:13:14AM -0700, security snot said:
probably enjoy the multiple levels of admitted obscurity features (check
the Brad Spengler vs. OpenBSD Team threads just about anywhere, Theo's
quotes on w^x being an obscurity feature to thwart attacks from lesser
skilled
On Mon, Oct 13, 2003 at 08:55:29AM -0700, Ted Unangst wrote:
On Mon, 13 Oct 2003, security snot wrote:
ISS' X-Forces claim to have created a working proof-of-concept code for
the bug. Are you calling those respectable young men and woman liars? Or
Can you provide a reference please?
Has anyone actually seen exploit code for the Openssh 3.6.1 vulnerability?
I've been googling around and while I see people talking about exploit code
being present in the wild, but I have yet to see it.
TIA.
--
aka Dolph Longhorn
[EMAIL PROTECTED]
GPG Key ID: 0xF8F859D0
On Sat, Oct 11, 2003 at 07:56:50AM -0400, S . f . Stover wrote:
Has anyone actually seen exploit code for the Openssh 3.6.1 vulnerability?
I've been googling around and while I see people talking about exploit code
they are liars.
it's FUD.
--
Henning Brauer, BS Web Services, http://bsws.de
On 11 Oct 03 10:20:34PM Henning [EMAIL PROTECTED] wrote:
: they are liars.
: it's FUD.
I guess that's kind of my point - I'd like all the alleged FUD slingers to put
up (or out...) ;-)
--
aka Dolph Longhorn
[EMAIL PROTECTED]
GPG Key ID: 0xF8F859D0
13 matches
Mail list logo