Home page logo
/

pen-test logo Penetration Testing mailing list archives

Re: [PEN-TEST] ports
From: "Frasnelli, Dan" <dfrasnel () COREWAR COM>
Date: Thu, 7 Sep 2000 17:45:17 -0400

A bit busy at the moment, so hopefully this 'quick' explanation
is sufficient.

"Haste makes waste" or something like that.

Just some trivia you may not know about X11 forwarding:
- the X11 traffic is not sent through an encrypted channel
- a remote user can 'spy' on an ssh session under certain
  circumstances by reading off those ports (ie. xkey).

My apologies to the list for this inaccurate information..
I recognized the mistake after sending, but it was too late.

The above pertains to older/misconfigured versions of ssh.
With Data Fellows on-site at my workplace at the time,
we discovered the second 'confidentiality' bug.
It is difficult to exploit and requires information not
readily available to remote users.  The vulnerability
occurs when cookies fail and authentication falls back
to ip-only.

No the report is not available, and yes current versions
are not vulnerable.

-dan


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]