Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 15 Jan 2016 16:56:13 +0100
From: "Jason A. Donenfeld" <>
To: oss-security <>, 
	Qualys Security Advisory <>
Subject: Re: Qualys Security Advisory - Roaming through the
 OpenSSH client: CVE-2016-0777 and CVE-2016-0778

Great work Qualys. One question about the PoC:

On Thu, Jan 14, 2016 at 6:13 PM, Qualys Security Advisory
<> wrote:
> # env ROAMING="heap_massaging:linux" "`pwd`"/sshd -o ListenAddress= -o
> UsePrivilegeSeparation=no -f /etc/ssh/sshd_config -h /etc/ssh/ssh_host_rsa_key

Does your proof of concept patch actually include support for this
heap_massaging mode?


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ