Re: Attacks against SSH?

From: Przemyslaw Frasunek (venglinat_private)
Date: Tue Dec 04 2001 - 22:11:57 PST

Next message: Glenn Forbes Fleming Larratt: "Re: slowish ssh scan from 149.69.85.65"

Previous message: James W. Abendschan: "Re: linux 'zoot' rootkit/DoSkit/etc"
In reply to: Russell Fulton: "Re: Attacks against SSH?"
Next in thread: Jason Robertson: "Re: Attacks against SSH?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wednesday 05 December 2001 03:51, Russell Fulton wrote:
> package with SSH-1.5-OpenSSH-1.2.3 in not vulnerable:
> bluebottle:~ >ssh -l`perl -e '{print "A"x90000}'` 130.216.yyy.xxx
> Word too long.

No, it doesn't mean you're not vulnerable. Some shells (csh, tcsh) limits 
argument length and prints 'Word too long'.

-- 
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslawat_private ** PGP: D48684904685DF43EA93AFA13BE170BF *

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

Next message: Glenn Forbes Fleming Larratt: "Re: slowish ssh scan from 149.69.85.65"
Previous message: James W. Abendschan: "Re: linux 'zoot' rootkit/DoSkit/etc"
In reply to: Russell Fulton: "Re: Attacks against SSH?"
Next in thread: Jason Robertson: "Re: Attacks against SSH?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Dec 05 2001 - 09:07:35 PST