by fn-mote
679 days ago

There are many points made in the presentation, including that a significant number of ~~targets~~ hosts are not running OpenSSH. See the list and the claims that some classes of them are important. The swipe at "running shell commands" isn't very credible, but the second attack surface is legitimate.

> Supports the execution of shell commands on behalf of valid SPA packets.

Even if it were only a statically configured command (no idea if it is or isn't), as soon as that door is opened, it leads to a morass.