Re: [ILUG] openssh vulnerability

From: Waider (waider at domain dspsrv.com)
Date: Tue 25 Jun 2002 - 12:05:38 IST

• Next message: Anders Holm: "RE: [ILUG] openssh vulnerability"
• Previous message: Paul Jakma: "RE: [ILUG] openssh vulnerability"
• In reply to: Anders Holm: "RE: [ILUG] openssh vulnerability"
• Next in thread: Paul Jakma: "RE: [ILUG] openssh vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

According to Anders Holm:
>
> I've now dished out my share of flaming on this. I'd rather spend my time,
> and the lists resources in trying to see what happens and if I could do
> anything to help. The fact remains, there is a _possible_ vulnerability in
> OpenSSH. Why not try to help fixing it instead of flaming the people who let
> you know about it? In that way we'd all benefit. Who benefits by this?

Well, we can't until Theo tells us what it is. I thought that the point of
full disclosure was that you assume the black hats know, and you let the
white hats know as quickly as possible so that they can fix the problem.

But, you know, I'm running on far too many assumptions already this morning.

Cheers,
Waider.

-- 
waider at domain dspsrv.com / Chances are I'm not at home right now.

• Next message: Anders Holm: "RE: [ILUG] openssh vulnerability"
• Previous message: Paul Jakma: "RE: [ILUG] openssh vulnerability"
• In reply to: Anders Holm: "RE: [ILUG] openssh vulnerability"
• Next in thread: Paul Jakma: "RE: [ILUG] openssh vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:17:30 GMT