mailing list archives
Re: SSH-1.2.27 & RSAREF2 exploit
From: speed () LINUX DPILINK COM (Speed)
Date: Wed, 15 Dec 1999 16:07:11 -0500
However, don't be complacent because this particular exploit is not Kid
Tested. A quite functional exploit of this vulnerability has been around
since at least 1998 (and that is only to my knowledge).
Moral of the story: patch your system or get rid of sshd 1.2.2x
On Tue, 14 Dec 1999, [iso-8859-1] Iv√°n Arce wrote:
The exploit is more or less "script-kid-proof" since if it doesnt work a
debugging, coding and probably crypto skills are needed to make it work.
Security Vulnerability in VVOS TGP Aleph One (Dec 14)
CERT Advisory CA-99.15 - Buffer Overflows in SSH Daemon and RSAREF2 Library Aleph One (Dec 14)