[nycbug-talk] openssh 0 day?
Pete Wright
pete at nomadlogic.org
Thu Jul 9 12:23:32 EDT 2009
On 9-Jul-09, at 8:54 AM, George Rosamond wrote:
> Bill Totman wrote:
>>
>> gr> But sshd v 4.3?
>>
>> _
>> arhhahaar 3zpl0it iz unr334l. my namez carton und ir u|\|aphr4i|>
>> on p0r|
>> 22 bc n0 1 can hakxz0r my big-endian LP64 zystemsz!!!1!11!! ze
>> ph33r
>> iz 1n ze m4i1. wif 4 ph33rzt4|\/|Pz 0n 1t.
>>
>>
>> Would it have been faster to first learn and then write that in
>> Esperanto?
>>
>> I'm just saying.
>>
>
> Well. . . back to the main point about the apparent exploit.
>
> FUD. Nothing.
>
> http://isc.sans.org/diary.html?storyid=6760&rss
>
> Damien Miller's reply breaks down the 'exploit'
>
> http://lwn.net/Articles/340483/
>
> I would expect the security site to do a bit more research in posting
> such stuff. . . especially when it's a 0day exploit with a widely used
> daemon.
>
> That blog has a lot of credibility, and I wonder how much hassle was
> caused by it.
thanks for the url's gman. regardless of how cool alex is (thanks for
reminding me - i forgot!) and how it looked pretty fishy from the get-
go - i do like to keep an eye on this stuff just as an added layer of
paranoia and curiosity.
-pete
More information about the talk
mailing list