Re: OpenSSH/PAM timing attack allows remote users identification

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: bugtraq@securityfocus.com
Subject: Re: OpenSSH/PAM timing attack allows remote users identification
From: ilja van sprundel <ilja@netric.org>
Date: 1 May 2003 23:59:13 -0000

In-Reply-To: <Pine.LNX.4.30L2.0304301358220.9889-200000@dns.mediaservice.net>

hm, this has been known for some time, 
and stealth of teso wrote a nice paper and some 
example tools for stuff like that :
http://www.team-teso.net/releases/epta.tgz

Prev by Date: HP-UX 11.0 /usr/bin/kermit
Next by Date: [SECURITY] [DSA 298-1] New EPIC4 packages fix DoS and arbitrary code execution
Previous by thread: Re: OpenSSH/PAM timing attack allows remote users identification
Next by thread: [CLA-2003:614] REVISED: Conectiva Security Announcement - sendmail
Index(es):
- Date
- Thread

[Index of Archives] [Linux Security] [Netfilter] [PHP] [Yosemite News] [Linux Kernel]

Powered by Linux