Date: Tue, 16 Sep 2003 12:25:23 -0700 From: Eli Dart <dart@nersc.gov> To: freebsd-security@freebsd.org Subject: Re: OpenSSH heads-up Message-ID: <20030916192523.1CFAEF8EB@gemini.nersc.gov> In-Reply-To: Message from Brett Glass <brett@lariat.org> <4.3.2.7.2.20030916123558.02cfdef0@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
--==_Exmh_1688024332P Content-Type: text/plain; charset=us-ascii In reply to Brett Glass <brett@lariat.org> : > At 07:43 AM 9/16/2003, Jacques A. Vidrine wrote: > > Could it be that some party or parties knew about this before the announcement > and is probing for hosts to exploit? I always assume that the blackhats are at least 6 to 12 months ahead of public disclosure.... The kiddies may not have as much of a lead, depending on how good their sources for exploit code are, but one should assume that Smart Bad People can own one's machines if one's only defense is a current patch set. --eli > > --Brett Glass > > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" --==_Exmh_1688024332P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (FreeBSD) Comment: Exmh version 2.5 07/13/2001 iD8DBQE/Z2OjLTFEeF+CsrMRAinEAJ0XRjXxvKgIP6g86MsC4XvJQJ5OOgCgni/a Sq+D56RaPe+kVu45YRC38B8= =s+Nj -----END PGP SIGNATURE----- --==_Exmh_1688024332P--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030916192523.1CFAEF8EB>