Linux-Bulgaria.ORG

навигация

начало

пощенски списък

архив на групата

По Дата

Re: lug-bg: [Fwd: [Full-Disclosure] NEW OpenSSH Vuln Today]

Subject: Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
From: Boris Jordanov <borj@xxxxxxxxx>
Date: Wed, 24 Sep 2003 12:33:11 +0300

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Georgi Chorbadzhiyski said the following on 24.09.2003 12:19:
| Teodor Georgiev wrote:
|
|>Interesno e obache kak horata meriat vsichko s dvoen arshin...
|>Ako exploita beshe za sendmail, dosega da se beshe napylnil threada s
flame
|>war za tova, kolko bygav e sendmail i che oshte imalo mnogo serveri
|>raboteshti pod sendmail. I kolko stabilen bil qmail i t.n. i t.n.
|>
|>Ama kato izleze exploit v openssh ili apache i vseki sedi i se
pochesva po
|>topkite?
|>Chudno mi e shto ne pluete po ssh?
|
|
| Zashtoto niama "track record" kato sendmail. Da ne govorim che poslednite
| bugove, dosega nikoi ne e dokazal che sa remote exploitable, samo che
| mogat da prichiniat DoS.
|
|

Veche mu se posubra "track record". Citat ot Debian advisory ot 21-vi:

| Package        : ssh
| Vulnerability  : buffer handling
| Problem type   : possible remote
| Debian-specific: no
| CVE references : CAN-2003-0693 CAN-2003-0695 CAN-2003-0682
|
| This advisory is an addition to the earlier DSA-382-1 and DSA-382-3
| advisories: Solar Designer found four more bugs in OpenSSH that may be
| exploitable.

possible, ne probably pishe, a po mi e interesen poslednija red.
Exploit-a e "a matter of time".
Naistina, kato izskochi dupka v open ssh - njama rage, pjana po ustata i
prochee, obache ako e za BIND, SENDMAIL, etc... - uhaaaa, disorder
unleashed (pozdrav za Sepultura fenovete) :) Maj v edin moment ste se
okaze, che puskame IPSec m/u podopechnite ni mashini i plustim telnet-i
na volja...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE/cWTWKDHlLar/ewgRApqmAJkBwwa5vbNzOOkIE8LRAaFIoVuW/QCfYnCJ
6z0NgzI+1BZtDkFy3VDBMs4=
=Ls2H
-----END PGP SIGNATURE-----


============================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers).
http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora
To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
============================================================================

Във връзка с:
- Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
  - Изпратено от: Yasen Balev <yasenbalev@xxxxxx>

Относно:
- lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
  - Изпратено от: Васил Колев <vasil@xxxxxxxxxx>
- Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
  - Изпратено от: Plamen Tonev <micro@xxxxxxxxx>
- Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
  - Изпратено от: Teodor Georgiev <teodor@xxxxxxxxx>
- Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
  - Изпратено от: Georgi Chorbadzhiyski <gf@xxxxxxxxxxx>

Предишно по дата: Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
Следващо по дата: Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
Предишно по тема: Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
Следващо по тема: Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]
Индекс:
- По дата
- По тема

наши приятели

линукс за българи
http://linux-bg.org

FSA-BG
http://fsa-bg.org

OpenFest
http://openfest.org

FreeBSD BG
http://bg-freebsd.org

KDE-BG
http://kde.fsa-bg.org/

Gnome-BG
http://gnome.cult.bg/

проект OpenFMI
http://openfmi.net

NetField Forum
http://netField.ludost.net/forum/

Linux-Bulgaria.ORG

Re: lug-bg: [Fwd: [Full-Disclosure] **NEW** OpenSSH Vuln Today]

Re: lug-bg: [Fwd: [Full-Disclosure] NEW OpenSSH Vuln Today]