mailing list archives
Re: [PEN-TEST] ports
From: "Frasnelli, Dan" <dfrasnel () COREWAR COM>
Date: Thu, 7 Sep 2000 17:45:17 -0400
A bit busy at the moment, so hopefully this 'quick' explanation
"Haste makes waste" or something like that.
Just some trivia you may not know about X11 forwarding:
- the X11 traffic is not sent through an encrypted channel
- a remote user can 'spy' on an ssh session under certain
circumstances by reading off those ports (ie. xkey).
My apologies to the list for this inaccurate information..
I recognized the mistake after sending, but it was too late.
The above pertains to older/misconfigured versions of ssh.
With Data Fellows on-site at my workplace at the time,
we discovered the second 'confidentiality' bug.
It is difficult to exploit and requires information not
readily available to remote users. The vulnerability
occurs when cookies fail and authentication falls back
No the report is not available, and yes current versions
are not vulnerable.