 |
Post AjUhkDTV8DtWchtPeq by [email protected] |
 |
More posts by [email protected] |
|
Post #AjUaWIVkuVeiVgMa5g by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@tychotithonus it's a super hard vuln to trigger and it also takes forever … |
|
|
|
Post #AjUaWIcUVT2kqZVxaa by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@hrbrmstr @tychotithonus Ah! Ahh!I'm just reading the same updates as every… |
|
|
|
Post #AjUaYgrVLUzYbzg2XQ by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@hrbrmstr @tychotithonus Relevant lornks:www.qualys.com/2024/07/01/cve-2024-638… |
|
|
|
Post #AjUb826UMTpccwXRa4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @hrbrmstr @tychotithonus does the attack produce logs that something… |
|
|
|
Post #AjUb82CA1OMuuXByQC by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @hrbrmstr @tychotithonus I'm not sure! Based on my early readings of … |
|
|
|
Post #AjUbKvxGX9nfK0NNGy by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @hrbrmstr @tychotithonus its possible to enable debug logging in ssh… |
|
|
|
Post #AjUbKw3IAkcXchCBfM by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @hrbrmstr @tychotithonus But! Important mitigation option, per the writeu… |
|
|
|
Post #AjUbb5hI50OOAcblU8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @hrbrmstr @tychotithonus oh interesting- so i guess setting it to li… |
|
|
|
Post #AjUbb5nJibDGTJQZsW by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @hrbrmstr @tychotithonus That sounds right, and would be generous for non… |
|
|
|
Post #AjUcGutKe5juorBUki by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @hrbrmstr @tychotithonus if the attack "takes hours", and … |
|
|
|
Post #AjUcGuzMHgYn7Y0J96 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @hrbrmstr @tychotithonus I'd have to see what SSH KEX logs look like … |
|
|
|
Post #AjUcL8LMZaF9hNJ4BE by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @hrbrmstr @tychotithonus And again, this is solely against 32-bit systems… |
|
|
|
Post #AjUdbgXpHXsiMIamjQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @hrbrmstr @tychotithonus theres little way for an attacker to actual… |
|
|
|
Post #AjUdbgdUwSQ0dtFJZY by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @hrbrmstr @tychotithonus Absolutely. And to something like your original … |
|
|
|
Post #AjUgzTSZsjDOadAksK by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @hrbrmstr @tychotithonus Potential PoC: github.com/zgzhang/cve-2024-6387-… |
|
|
|
Post #AjUhbreaNWyUd55x1E by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @hrbrmstr @tychotithonus been watching @gsuberland and @wdormann mes… |
|
|
|
Post #AjUhbrkxzo4wws52xs by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @mttaggart @hrbrmstr @tychotithonus @gsuberland TL;DR: While it looks pla… |
|
|
|
Post #AjUhkDTV8DtWchtPeq by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @mttaggart @hrbrmstr @tychotithonus Nope, short timeouts would actually l… |
|
|
|
Post #AjUhnjyCltzEH3w0mW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mr64bit @tychotithonus @mttaggart @hrbrmstr oh interesting, ok |
|
|
|
Post #AjUhnk3sQoWWYeaXce by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Viss @mr64bit @tychotithonus @hrbrmstr Ohhh right okay; that explains why it b… |
|
|
|
Post #AjUhxSH9Piq6I9QdtI by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@wdormann @Viss @hrbrmstr @tychotithonus @gsuberland It wouldn't be the fir… |
|
|
|
Post #AjUi8MAoRTR8YFf7rc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@wdormann @Viss @mttaggart @hrbrmstr @tychotithonus the write-up timeline impli… |
|
|
|
Post #AjUi8MGq54G0qwTwG0 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@gsuberland @wdormann @Viss @hrbrmstr @tychotithonus That would be...kinda not … |
|
|
|
Post #AjUiAqghxeSDllllxY by [email protected] |
|
0 likes, 1 repeats |
|
|
|
OK, I just found out about the OpenSSH root RCE race condition. Who is tracking… |
|
|
|
Post #AjUiKz35jJVOb34W2K by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@mttaggart @wdormann @Viss @hrbrmstr @tychotithonus if this is an LLM I'll … |
|
|
|
Post #AjUiKz8lOE2gsdj2sS by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@gsuberland @wdormann @Viss @hrbrmstr @tychotithonus I tend to agree; the timel… |
