Date: Thu, 29 Nov 2001 14:53:58 -0700 From: Brett Glass <brett@lariat.org> To: "Jacques A. Vidrine" <n@nectar.com> Cc: Kris Kennaway <kris@obsecurity.org>, "f.johan.beisser" <jan@caustic.org>, Mauro Dias <localhost@dsgx.org>, security@FreeBSD.ORG Subject: Re: sshd exploit Message-ID: <4.3.2.7.2.20011129145328.00afde60@localhost> In-Reply-To: <20011129133446.A23161@hellblazer.nectar.com> References: <4.3.2.7.2.20011129113349.04722900@localhost> <4.3.2.7.2.20011128225341.04672880@localhost> <4.3.2.7.2.20011128221259.04665720@localhost> <20011128214925.P16958-100000@localhost> <4.3.2.7.2.20011128225341.04672880@localhost> <20011128233947.C53604@xor.obsecurity.org> <4.3.2.7.2.20011129113349.04722900@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:34 PM 11/29/2001, Jacques A. Vidrine wrote: >As a member of the FreeBSD Security Officer team, I have worked with >both the TESO and x2 exploits. Neither work against any version of >OpenSSH later than 2.2.0, which includes 4.4-RELEASE. Both programs >attack the CRC detector. This is good to know! It's the first I've heard of tests actually being performed. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20011129145328.00afde60>