SSH 4.3 dos question

From: Francois Yang (francois.y@gmail.com)
Date: Thu Feb 22 2007 - 11:45:43 EST

• Next message: Craig Wright: "RE: Ethical hacker article published"
• Previous message: pand0ra: "Re: DNS mapping"
• Next in thread: M.B.Jr.: "Re: SSH 4.3 dos question"
• Reply: M.B.Jr.: "Re: SSH 4.3 dos question"
• Maybe reply: earle.david@gmail.com: "Re: SSH 4.3 dos question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

I'm evaluating a friends server and I noticed that he had a vulnerable
version of SSH.
Nmap result;
22/tcp open ssh OpenSSH 4.3 (protocol 1.99)

According to security focus it is vulnerable to a DOS attack.
http://www.securityfocus.com/bid/20216/info
cve - CVE-2006-4924

When I run the script from millw0rm which is suppose to cause the DOS
nothing happens.
The scripts runs fine saying that it worked, but the server doesn't
seem to be affected.
http://milw0rm.com/exploits/2444

Any ideas?

thanks.

-- 
If you think technology can solve your security problems, then you
don't understand the problems and you don't understand the technology.
Bruce Schneier
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------

• Next message: Craig Wright: "RE: Ethical hacker article published"
• Previous message: pand0ra: "Re: DNS mapping"
• Next in thread: M.B.Jr.: "Re: SSH 4.3 dos question"
• Reply: M.B.Jr.: "Re: SSH 4.3 dos question"
• Maybe reply: earle.david@gmail.com: "Re: SSH 4.3 dos question"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:36 EDT