From: earle.david@gmail.com
Date: Sat Feb 24 2007 - 21:45:54 EST
1. Is OpenSSH configured to accept SSH version one traffic? I'm not up on SSH, but you might be able to test this with a connection attempt for an older version.
2. What hardware is the system running? Even if the system is vulnerable, the vulnerability description only says that a DOS is possible. A high-end CPU or processing limits placed on the service could cause you some problems.
Beyond that, you may want to vet the exploit code to ensure that it's doing what it says its doing. From glancing at it it looks fine, but you do see a lot of vulnerabilities that are subtly edited to simply not work, at least if you don't tweak them appropriately.
Good luck with your testing!
------------------------------------------------------------------------
This List Sponsored by: Cenzic
Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:57:36 EDT