Full Disclosure: Re: OpenSSH Security Advisory: gcmrekey.adv

Re: OpenSSH Security Advisory: gcmrekey.adv

From: coderman <coderman () gmail com>
Date: Fri, 8 Nov 2013 12:43:27 -0800

On Fri, Nov 8, 2013 at 10:56 AM, CERT OPS Marienfeldt
<cert.marienfeldt () gmail com> wrote:

"If exploited, this vulnerability might permit code execution
        with the privileges of the authenticated user"

might explains the absence ;-)



how many integrations and services auth without shell?  /sbin/nologin
to /sbin/privescalate ...

tough crowd.  i leave you to your preauth remote exec fantasies,

;)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

OpenSSH Security Advisory: gcmrekey.adv coderman (Nov 08)
- Re: OpenSSH Security Advisory: gcmrekey.adv yersinia (Nov 09)
- Re: OpenSSH Security Advisory: gcmrekey.adv CERT OPS Marienfeldt (Nov 09)
  - Re: OpenSSH Security Advisory: gcmrekey.adv coderman (Nov 08)
- <Possible follow-ups>
- Re: OpenSSH Security Advisory: gcmrekey.adv Harry Hoffman (Nov 09)
  - Re: OpenSSH Security Advisory: gcmrekey.adv Bob Man Van Kim (Nov 09)
    - Re: OpenSSH Security Advisory: gcmrekey.adv coderman (Nov 09)