|
|
|
|
|
|
by alanpost
3806 days ago
|
|
|
Given that this exploit happens during capability negotiation (or whatever SSH calls that part of the protocol), it also cannot be mitigated via pledge[2], which is where OpenBSD has been focusing a lot of attention. This is an unusual stumble for the OpenBSD team. Client-side privsep support, if such a thing existed, might mitigate attacks like this. As it stands protecting against exploits of this type wasn't even on the hardening roadmap. http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/... |
|
|