Date: Tue, 3 Jan 2012 23:39:03 +0100 From: Nico Golde <oss-security+ml@...lde.de> To: oss-security@...ts.openwall.com Subject: Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Hi, * Solar Designer <solar@...nwall.com> [2012-01-03 02:58]: > On Tue, Jan 03, 2012 at 12:33:01AM +0100, Nico Golde wrote: > > P.S. if anyone has a clue on why that script still works with dropbear, even > > though it already seems to implement per-ip based connection counting... > > Does it still work? I was not able to reproduce that. I built Dropbear > 2011.54, generated an RSA host key with "./dropbearkey -t rsa -f > dropbear_rsa_host_key" and started the service with "./dropbear -r > dropbear_rsa_host_key -p 2222". Ignore my P.S., I tested this again and the patch works as expected. Sorry for the confusion... Cheers Nico -- Nico Golde - http://www.ngolde.de - nion@...ber.ccc.de - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted. Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.