http://www.secuobs.com L'observatoire de la securite Internet fr webmaster@secuobs.com ProSSHD v1.2 20090726 Buffer Overflow Exploit http://www.secuobs.com/revue/news/197312.shtml http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#5260 http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#5260 openssh-53p1-remote-root.c http://www.secuobs.com/revue/news/189359.shtml http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#4919 http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#4919 Hacking the OpenSSH library for Ncrack http://www.secuobs.com/revue/news/126423.shtml http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#2524 http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#2524 ESRT @thierryzoller - Fake OpenSSH 0pen0wn shellcode dissasembled http://www.secuobs.com/twitter/news/8796.shtml http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#2352 http://www.secuobs.com/news/comments115112008-openssh_cbc_ctr_aes_cpni.shtml#2352 ESRT @danielcid - reply from ssh on the 0-day rumors http://www.secuobs.com/twitter/news/7572.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2286 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2286 ESRT @hackerfantastic - SSH attack pcap capture made available http://www.secuobs.com/twitter/news/7528.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2284 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2284 Unverified : ESRT @cykyc 0day openssh 43 remote exploit via @mubix @Gh0u1 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2262 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2262 ESRT @mubix A very effective SSH bruteforcer by @laramies recently updated http://www.secuobs.com/twitter/news/6657.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2218 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#2218 Using and Extending Kojoney SSH Honeypot http://www.secuobs.com/revue/news/100751.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#1585 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#1585 PUTTKyeak = PUTTY + KEYLOG + TWEAK http://www.secuobs.com/revue/news/100468.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#1579 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#1579 OpenSSH chink bares encrypted data packets http://www.secuobs.com/revue/news/98239.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#1521 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#1521 Sun Solaris SSH CBC Mode Plaintext Recovery Vulnérabilité http://www.secuobs.com/revue/news/43223.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#364 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#364 There was an error in the original advisory. The estimate of 32768 attempts to carry out a successful attack is incorrect. The correct estimate is 11356 attempts. A revised version is now available at: http://www.openssh.com/txt/cbc.adv The advisory and its recommendations are otherwise unchanged. Vu sur bugtraq >>> http://secuobs.com/secumail/btsecumail/ http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#324 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#324 la réponse d'openssh http://www.secuobs.com/secumail/btsecumail/msg14449.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#321 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#321 alerte secunia relative aujourd'hui http://secuobs.com/secumail/snsecumail/msg13006.shtml http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#313 http://www.secuobs.com/news/comments15112008-openssh_cbc_ctr_aes_cpni.shtml#313