mailing list archives
Re: R7-0009: Vulnerabilities in SSH2 Implementations from Multiple Vendors
From: Knud Erik Højgaard <knud () skodliv dk>
Date: Tue, 17 Dec 2002 03:34:32 +0100
matt merhar wrote:
On Mon, 16 Dec 2002 10:56:20 -0800 (PST)
Michal Zalewski <lcamtuf () ghettot org> wrote:
^^^^^^^^^^ don't type that i lost 134 day uptime because of that
No wonder, if you substitute the : with a word, for example bomb, it's
pretty obvious what this does.
A properly configured login.conf prohibits this from having any effect on my
FreeBSD, and since you dont state your flavour i suppose it's the same as
Full-Disclosure - We believe in it.