| To: | pen-test@securityfocus.com |
|---|---|
| Subject: | SSH 4.3 dos question |
| From: | "Francois Yang" <francois.y@gmail.com> |
| Date: | Thu, 22 Feb 2007 10:45:43 -0600 |
| Delivered-to: | sp-com-lists@consult.net |
| Delivered-to: | pentest-list2@consult.net |
| Delivered-to: | mailing list pen-test@securityfocus.com |
| Delivered-to: | moderator for pen-test@securityfocus.com |
| Dkim-signature: | a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=iv6f9iosEU9amWPYPIsh7rrGoFBloC7kfnInB4H6gNqEDULBs+myeE6r91Yj2uwqV/Hc0oF0QQWM4XtZABo0YMkYyEWTH0qC7N8KB2hZd4i23huu0qrFSkjfQKZ7u/Vlz6NKtRVTbkl58BdYGFEqarp0DuxgZN8PMWXJEHjvmjE= |
| Domainkey-signature: | a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=s3RFaAYbuX3mdxhJEEOvQRifagrcU3oXyzvoj9pCtQwbtpFpCLtRR3oBcRKbR5Y3WT1rrt8hFMFQvaRgOint36e1tIown+6uNaTreLRIPYMs+K0m09+uyKGIlMIoHcjn1tpGwuUx3jJFi/T1L4YVLja+yK1gYSRRJ2qBoWGf2Go= |
| List-help: | <mailto:pen-test-help@securityfocus.com> |
| List-id: | <pen-test.list-id.securityfocus.com> |
| List-post: | <mailto:pen-test@securityfocus.com> |
| List-subscribe: | <mailto:pen-test-subscribe@securityfocus.com> |
| List-unsubscribe: | <mailto:pen-test-unsubscribe@securityfocus.com> |
| Mailing-list: | contact pen-test-help@securityfocus.com; run by ezmlm |
| Resent-date: | Fri, 23 Feb 2007 19:32:02 -0700 (MST) |
| Resent-from: | pen-test-return-1078483614@securityfocus.com |
| Resent-message-id: | <20070224023202.020723400E9@outgoing2.securityfocus.com> |
| Resent-sender: | listbounce@securityfocus.com |
| Sender: | listbounce@securityfocus.com |
I'm evaluating a friends server and I noticed that he had a vulnerable version of SSH. Nmap result; 22/tcp open ssh OpenSSH 4.3 (protocol 1.99) According to security focus it is vulnerable to a DOS attack. http://www.securityfocus.com/bid/20216/info cve - CVE-2006-4924 When I run the script from millw0rm which is suppose to cause the DOS nothing happens. The scripts runs fine saying that it worked, but the server doesn't seem to be affected. http://milw0rm.com/exploits/2444 Any ideas? thanks. -- If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology. Bruce Schneier ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------ |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: DNS mapping, pand0ra |
|---|---|
| Next by Date: | RE: Ethical hacker article published, Craig Wright |
| Previous by Thread: | windows 2003 server, Chris Parker |
| Next by Thread: | Re: SSH 4.3 dos question, M . B . Jr . |
| Indexes: | [Date] [Thread] [Top] [All Lists] |