[nycbug-talk] openssh 0 day?
Isaac Levy
isaac at diversaform.com
Thu Jul 9 15:38:38 EDT 2009
On Jul 9, 2009, at 12:23 PM, Pete Wright wrote:
> On 9-Jul-09, at 8:54 AM, George Rosamond wrote:
>> Bill Totman wrote:
>>>
>>> gr> But sshd v 4.3?
>>>
>>> _
>>> arhhahaar 3zpl0it iz unr334l.
<snip>
>>> Esperanto?
>>>
>>> I'm just saying.
<snip>
>> Well. . . back to the main point about the apparent exploit.
>>
<snip>
>> FUD. Nothing.
>>
>> http://isc.sans.org/diary.html?storyid=6760&rss
>> http://lwn.net/Articles/340483/
>>
<snip>
>> 0day exploit with a widely used
>> daemon.
>>
>> I wonder how much hassle was
>> caused by it.
<snip>
> looked pretty fishy from the get-
> go - i do like to keep an eye on this stuff just as an added layer of
> paranoia and curiosity.
Regardless of if they cried a bit of wolf, I personally think it was
appropriate.
Anyone remember,
http://lists.nycbug.org/pipermail/talk/2005-September/006865.html
I'm personally going to release my SSH protocol exploits Jan 1, 2012
and see what happens... Muahahahaha.
But seriously, for an app like OpenSSH (and the SSH protocol), which
is understatedly so critical to everything, why not be a bit paranoid?
http://nmap.org/images/matrix/matrix-poster-jsolomon-small.jpg
Rocket-
.ike
More information about the talk
mailing list