Snort mailing list archives
Re: sshd-exploit
From: Frank Knobbe <frank () knobbe us>
Date: Wed, 17 Sep 2003 09:39:23 -0500
On Wed, 2003-09-17 at 08:41, Sam Evans wrote:
I too have heard this, however, there's still a lot of debate as to whether the bug is even remotely exploitable. CERT says no, RedHat says yes (lol), BSD* folks say no.
Ah, yes. my favorite Tuesday topic :) Actually, CERT also said it "may" be exploitable, just like RH and Slackware. OBSD/FBSD said it doesn't look exploitable. Debian (kudos) made no statement to the 'exploitivness' of this issue. If ya don't know, don't say. That's still my main gripe. We have a lot of intelligent code reviewers around. The problem in SSHD is a small section of code. Surely we can look at it and determine if it's exploitable or not (the people I talked to said No). Yet everyone believes unsubstantiated rumors and spreads FUD in their advisories... even respectable organizations feed on that FUD.... ... oh crap, I wanted to keep my blood pressure low today.... darn... :) Cheers, Frank
Attachment:
signature.asc
Description: This is a digitally signed message part
Current thread:
- sshd-exploit Joerg Weber (Sep 17)
- Re: sshd-exploit Sam Evans (Sep 17)
- Re: sshd-exploit Frank Knobbe (Sep 17)
- Re: sshd-exploit Sam Evans (Sep 17)
- Re: sshd-exploit Joerg Weber (Sep 17)
- Re: sshd-exploit & new RPC!=low blood pressure twig les (Sep 17)
- Re: sshd-exploit Frank Knobbe (Sep 17)
- <Possible follow-ups>
- RE: sshd-exploit Sean T. Ballard (Sep 17)
- RE: sshd-exploit Frank Knobbe (Sep 17)
- Re: sshd-exploit Sam Evans (Sep 17)