From carl@learningshophull.co.uk Tue Sep 16 14:25:13 2003 Return-Path: Delivered-To: simonb@kaizo.org Received: (qmail 28027 invoked by uid 2020); 16 Sep 2003 12:07:38 -0000 Received: from full-disclosure-admin@lists.netsys.com by c0ke by uid 7791 with qmail-scanner-1.20rc3 (hbedv: 6.21.0.1/6.21.0.33. Clear:RC:0:. Processed in 0.033769 secs); 16 Sep 2003 12:07:38 -0000 Received: from netsys.com (199.201.233.10) by c0ke.kaizo.org with SMTP; 16 Sep 2003 12:07:38 -0000 Received: from NETSYS.COM (localhost [127.0.0.1]) by netsys.com (8.11.6p2/8.11.6) with ESMTP id h8GBSk512639; Tue, 16 Sep 2003 07:28:46 -0400 (EDT) Received: from officeserver.learningshophull.co.uk ([212.50.174.242]) by netsys.com (8.11.6p2/8.11.6) with ESMTP id h8GBQC512212 for ; Tue, 16 Sep 2003 07:26:12 -0400 (EDT) Received: from smtp.learningshophull.co.uk (212.50.174.245) by the helpful email pixies (CP/M 8-bit) with ESMTP id h8GCFvMw029554 for ; Tue, 16 Sep 2003 12:15:57 GMT From: Carl Livitt To: full-disclosure@lists.netsys.com User-Agent: KMail/1.5.2 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200309161225.46733.carl@learningshophull.co.uk> Subject: [Full-Disclosure] The lowdown on SSH vulnerability Sender: full-disclosure-admin@lists.netsys.com Errors-To: full-disclosure-admin@lists.netsys.com X-BeenThere: full-disclosure@lists.netsys.com X-Mailman-Version: 2.0.12 Precedence: bulk List-Unsubscribe: , List-Id: Discussion of security issues List-Post: List-Help: List-Subscribe: , List-Archive: Date: Tue, 16 Sep 2003 12:25:46 +0000 Straight from the horses mouth, this is a snippet of an email conversation I just had with Theo Deraadt: -------------- Theo, Is there a patch available to patch the off-by-one that has been reported in OpenSSH ? As it is being actively exploited in the wild, I would like to patch my servers ASAP (as you can probably imagine). Thankyou for taking the time to read - and hopefully respond to - this email. Kind regards, Carl --------------- A flamefest ensued, but his answer was: Bugger off, wait like the rest of the planet. ------------- After more flaming abuse, I received this from him: I have been spending the last 10 days making openbsd releases for about 14-15 hours a day for people to use We've been spending hours and hours making openssh release We are dealing with an, as far as we know, unexploitable hole (affects some systems, but not openbsd it is pretty clear) issue for all of you who run other system we've been dealing with this frantically to make something that the internet relies on as good as good as it possibly can be no sleep for 30 hours and you expect me to treat you special? AND YOU EXPECT ME TO TREAT YOU SPECIAL? AND YOU THINK THAT PASTING THAT TO SOME IRC CHANNEL MAKES YOU LOOK RIGHT? and you think that you pasting it to some icb channel makes me feel worth less, when every single hp and cisco switch containing this code is likely vulnerable, and i don't like that, and want to make the world a better place even if it kills me due to stress and lack of sleep because i think that a better world is a better place to live my life? The main point is that " every single hp and cisco switch containing this code is likely vulnerable". Oh dear, this could get nasty.. batten down the hatches... Poor Theo, he needs his rest. Carl. Carl. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html