Re: Attacks against SSH?

From: Florian Weimer (Florian.Weimerat_private-Stuttgart.DE)
Date: Tue Dec 04 2001 - 07:09:57 PST

  • Next message: Jordan K Wiens: "Re: Attacks against SSH?"

    "f.johan.beisser" <janat_private> writes:
    
    > the exploit is (supposedly) encrypted, stripped, and for x86 linux. the
    > binary has an md5 checksum of 1309689a9af6b82e11e8dfa5c6282c30. it's
    > ruffly 1.4 megs in size. i've only seen it as "x2".
    
    We've seen a "targets" file accompanying the "x2" file.  It lists some
    offsets, but only for SSH versions which are known to have the CRC32
    bug.
    
    -- 
    Florian Weimer 	                  Florian.Weimerat_private-Stuttgart.DE
    University of Stuttgart           http://cert.uni-stuttgart.de/
    RUS-CERT                          +49-711-685-5973/fax +49-711-685-5898
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus ARIS analyzer service.
    For more information on this free incident handling, management 
    and tracking system please see: http://aris.securityfocus.com
    



    This archive was generated by hypermail 2b30 : Tue Dec 04 2001 - 11:15:27 PST