-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, Dec 19, 2005 at 06:54:40AM +0100, Martin Schulze wrote: > A buffer overflow has been discovered in dropbear, a lightweight SSH2 > server and client, that may allow authenticated users to execute > arbitrary code as the server user (usually root).
Does anyone can provide pointers to this issue ? Maybe a paper ? I'm kind of worried, since dropbear is used on openwrt. []s - -- Rodrigo Barbosa <[EMAIL PROTECTED]> "Quid quid Latine dictum sit, altum viditur" "Be excellent to each other ..." - Bill & Ted (Wyld Stallyns) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDptttpdyWzQ5b5ckRAtKZAJ9nZVU4I8F7+oxM6mipCzzb/o2IkACeKLq+ kriWAndC47CW6jUigWzOJZQ= =/9fZ -----END PGP SIGNATURE----- _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
