
Mailing List Archive: OpenSSH: Dev

thought's on hostgator's "patch"

 

 



ahlist at gmail

Jul 13, 2009, 6:55 PM

Post #1 of 3
thought's on hostgator's "patch"

I realize the recent ssh exploit rumors appear to be false.

However I've not seen any comments on hostgator's "patch"

http://67.18.54.2/~davec/ssh_exploit_fix.txt

They continue to talk as if they have inside information.

Comments?
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev [at] mindrot
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev


djm at mindrot

Jul 13, 2009, 7:17 PM

Post #2 of 3
Re: thought's on hostgator's "patch"

On Mon, 13 Jul 2009, ahlist wrote:

> I realize the recent ssh exploit rumors appear to be false.
>
> However I've not seen any comments on hostgator's "patch"
>
> http://67.18.54.2/~davec/ssh_exploit_fix.txt

The CBC cipher protocol weakness reported by CPNI is not an 0day attack
against sshd, so this configuration change (it is not really a patch)
will not offer any real protection against 0day attacks (real or
fictitious).

We are not aware of any other vulnerabilities relating to CBC mode
ciphers. Cipher vulnerabilities usually lead to information disclosure
rather than remote code execution anyway.

> They continue to talk as if they have inside information.

I haven't been in contact with anyone identifying themselves as being
associated with Hostgator, and I don't have any inside information to
give anyway.

-d


ahlist at gmail

Jul 14, 2009, 5:04 AM

Post #3 of 3
Re: thought's on hostgator's "patch"

On Mon, Jul 13, 2009 at 10:17 PM, Damien Miller<djm [at] mindrot> wrote:
> On Mon, 13 Jul 2009, ahlist wrote:
>
>
>> They continue to talk as if they have inside information.
>
> I haven't been in contact with anyone identifying themselves as being
> associated with Hostgator, and I don't have any inside information to
> give anyway.
>

I think what I wrote came across the wrong way. What I meant was that
Hostgator continues to act as if they have inside information from the
anti-sec group or a copy of the "exploit". It is very annoying - they
(hostgator) need to stop using phrases like:

"CBC SSH Exploit"

"Since the exploit uses CBC Ciphers..."

These indicate they have a copy of something they are not sharing.
Very annoying and wrong if they actually do have a copy of something
(unlikely).