From: Francois Yang (francois.y@gmail.com)
Date: Thu Feb 22 2007 - 11:45:43 EST
I'm evaluating a friends server and I noticed that he had a vulnerable
version of SSH.
Nmap result;
22/tcp open ssh OpenSSH 4.3 (protocol 1.99)
According to security focus it is vulnerable to a DOS attack.
http://www.securityfocus.com/bid/20216/info
cve - CVE-2006-4924
When I run the script from millw0rm which is suppose to cause the DOS
nothing happens.
The scripts runs fine saying that it worked, but the server doesn't
seem to be affected.
http://milw0rm.com/exploits/2444
Any ideas?
thanks.
-- If you think technology can solve your security problems, then you don't understand the problems and you don't understand the technology. Bruce Schneier ------------------------------------------------------------------------ This List Sponsored by: Cenzic Need to secure your web apps? Cenzic Hailstorm finds vulnerabilities fast. Click the link to buy it, try it or download Hailstorm for FREE. http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW ------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:36 EDT