From: "Jordan K. Hubbard"
To: "Matthew N. Dodd"
cc: freebsd-security@FreeBSD.ORG
Subject: Re: SSH vsprintf patch. (You've been warned Mr. Glass)
In-reply-to: Your message of "Sun, 01 Nov 1998 19:03:42 EST."
Date: Sun, 01 Nov 1998 16:08:15 -0800
Message-ID: <21498.909965295@time.cdrom.com>

> Not that I've seen. One is rumored to be floating around.

Yeah, rumored is the right word. :)

> The previous message (forwarded from rootshell to -security by someone
> else) has most of the info I've seen.

I read that too, yeah. Basically, I've seen evidence of provable buffer
overflows (but not proven exploitability of same) and I've seen a hacked
site whose admins can't think of many other ways to be hacked and are
pointing either correctly or incorrectly at ssh as the cause in their
first round of theories. Either way, it's just all too guessy for me
right now - I'd sure like to see an actual exploit here before declaring
this most security scare concluded. :(

- Jordan