sshd exploit.

From: Luke Vogel (
Date: 03/30/02

  • Next message: Luke Vogel: "Re: ftp scanning"

    From: Luke Vogel <>
    Date: Sat, 30 Mar 2002 17:32:19 +1000

    I've been trying to have an in-depth look at the sshd crc32 compensation
    attack exploit, but I cant seen to locate a copy of the "actual" exploit

    I have found source that patches the ssh client to allow the exploit
    work, but I cant find the actual engine of the exploit. Specifically
    I'd like to get hold of the "zip/TESO" exploit.

    Have any of you found a copy in the wild? If so would you mind
    e-mailing me a copy so that I can do some forensics ... I'd like to know
    exactly how it works.

    Q:  What does FAQ stand for?
    A:  We are Frequently Asked this Question, and we have no idea.
    C.O.L.S FAQ -

    Relevant Pages

    • Re: Quick opinion poll regarding Bass multiple "PR" posts
      ... He does not attack or flame those who have not attacked him.... ... The "PR" posts should be limited to a single item and one that has relevance to the *industry*. ... The FAQ is just like homeowner deed restrictions. ... I've seen Robert run roughshod over a number of individuals here. ...
    • Re: Politics in science fiction
      ... majority of people reading said posting immediately go on the ... attack and that last sentence in the FAQ is not an idle ...
    • Re: Any style file to convert number to word?
      ... Peter Flynn writes: ... I agree that this should be added to FAQ. ... impossible to answer in a narrative style, such as the faq offers by ... one can attack such problems in the faq, ...
    • Re: Nobody proposing new uk newsgroups - why ?
      ... there is an attack on uk.rec.gardening. ... |Might it be time to put together a quick FAQ on how to use filtering ... |for various flavours of newsreader? ...