[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] SSH Patch

Subject: [ale] SSH Patch
From: jonathan at xcorps.net (Jonathan Rickman)
Date: Tue Sep 16 12:21:48 2003
In-reply-to: <3F66ED61.32094.AA5D1D7@localhost>
References: <[email protected]> <3F66ED61.32094.AA5D1D7@localhost>

On Tuesday 16 September 2003 11:00, synco gibraldter wrote:

> it appears that they're now using an intermediate variable to change
> the buffer size and check before adjusting the primary variable....
> looks like it may have been susceptible to an overflow?  i can't tell
> for sure.  anyone know if there are active exploits yet or if this is a
> precaution?  thanks.

There have been reports of compromised systems. No details, but at least 
one major ISP was reportedly filtering SSH connections last night after 
receiving reports of multiple incidents.

-- 
Jonathan Rickman
Key ID: 0DF501FF

Follow-Ups:
- [ale] SSH Patch
  - From: cfowler at outpostsentinel.com (Christopher Fowler)

References:
- [ale] SSH Patch
  - From: jonathan at xcorps.net (Jonathan Rickman)
- [ale] SSH Patch
  - From: synco at xodarap.net (synco gibraldter)

Prev by Date: [ale] [Full-Disclosure] The lowdown on SSH vulnerability (fwd)
Next by Date: [ale] x10
Previous by thread: [ale] SSH Patch
Next by thread: [ale] SSH Patch
Index(es):
- Date
- Thread