Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]

From: Valdis.Kletnieksat_private
Date: Mon Sep 27 1999 - 19:43:19 PDT

Next message: Gerrie: "Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on"

Previous message: Sean-Paul Rees: "Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Maybe in reply to: Marc SPARC: "[Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Next in thread: Solar Designer: "Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 27 Sep 1999 11:35:44 EDT, Dan Astoorian <djastat_private>  said:
> A trivial demo program that demonstrates the problem is attached.  (It
> needs no special privileges; run it as an unprivileged user in any
> writable directory.)  The program reports "okay" under Solaris 2.5.1 and
> IRIX 6.5.2, "vulnerable" under RedHat 6.

AIX 4.3.2 with all the recent Fixdist patches also says "okay".

				Valdis Kletnieks
				Computer Systems Senior Engineer
				Virginia Tech

Next message: Gerrie: "Remote bufferoverflow exploit for ftpd from AIX 4.3.2 running on"
Previous message: Sean-Paul Rees: "Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Maybe in reply to: Marc SPARC: "[Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Next in thread: Solar Designer: "Re: [Fwd: Truth about ssh 1.2.27 vulnerabiltiy]"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:05:37 PDT