David M. Williams
2003-Jan-08 14:07 UTC
[Fwd: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS]
According to the authors of the original advisory, this is _definitely_ a hoax.

-------- Original Message --------
Subject: Re: OPENSSH REMOTE ROOT COMPROMISE ALL VERSIONS
Date: Mon, 06 Jan 2003 20:05:32 +0000
From: Global InterSec Research <lists at globalintersec.com>
To: bugtraq at securityfocus.com

As some may have gathered, the advisory recently posted by mmhs at hushmail.com was indeed a fake, intended to highlight several unclear statements made in GIS2002062801.

The advisory in question is currently being updated with more detailed information and will be re-posted at:

http://www.globalintersec.com/adv/openssh-2002062801.txt

as soon as it becomes available.

Note that the kbd-init flaw described in GIS2002062801 was proven to be exploitable in our lab although not all evidence to demonstrate this was provided in the original advisory. A mistake was made in the original advisory draft, where chunk content data was shown, rather than the entire corrupted malloc chunk. This will be amended in the revision.

Also note that to our knowledge there are currently no known, exploitable flaws in OpenSSH 3.5p1, due to its use of PAM as suggested by mmhs at hushmail.com. It is almost certain that the posted bogus advisory was also intended to cause alarm amongst communities using OpenSSH, through misinformation.

Global InterSec LLC.

--
David M. Williams, CISSP        Phone: 505-665-8062
Systems Engineer, CCN-2         Fax: 505-667-7428
Los Alamos National Laboratory  Email: d_wllms at lanl.gov