RE: [SLUG] matrix nmap plug

From: Peter S. (linux@myraandpete.net)
Date: Tue May 20 2003 - 19:01:46 EDT


SSH CRC-32 bug is from SSH 1, which was resolved in SSH 2. 'Course, now
there are some vulnerabilities in SSH 2, published Dec. 2002 (joy). The
vulnerability depends upon the vendor (I believe that OpenSSH is not affected).
I would hazard a guess that the Matrix computers have to be on SSH 7 (or
higher). The vulnerabilities in SSH 2 are certainly not as harsh as
what Trinity was running. "SSHredder" is what I have read about but
have not tested.

http://www.rapid7.com/advisories/R7-0009.txt
http://www.kb.cert.org/vuls/id/389665

Pete

On Mon, 2003-05-19 at 09:39, Levi Bard wrote:
> > SSH has a security issue. Discovered in February, 2001 by security
> > analyst Michal Zalewski, the SSH CRC-32 bug is a very real buffer
> > overflow in a chunk of code designed to guard against cryptographic
> > attacks on SSH version one. Properly exploited, it grants full remote
> > access to the vulnerable machine.
> >
> > "I think there are at least two public exploits in circulation right
> > now," said Zalewski, in a telephone interview. "They just got released
> > about a month after the advisory. And I know there are some that are not
> > public."
>
> This issue has long ago been fixed in all the implementations of SSH about
> which I know. Additionally, most servers use SSH 2 now.
>
> > The actual program Trinity uses is fictitious -- there is no "sshnuke,"
> > yet, and genuine exploits sensibly drop the user directly into a root
> > shell, while the big screen version forces the hacker to change the
> > system's root password -- in this case to "Z1ON1010.".
>
> I'd guess, if we were discussing real life, that `sshnuke` was a script
> they wrote.
>
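Below, as an added illustration that is not part of this thread and not code from any SSH release, is a small C model of the arithmetic behind the CRC-32 compensation attack detector overflow that the quoted article refers to. It follows the description in the published advisory: the detector sizes a hash table from the packet length in a 32-bit loop, but the original code kept the resulting size in a 16-bit variable, so a large enough packet wraps the table size to zero and the index mask (n - 1) to 0xFFFF, which is why probes into the table could write far outside the allocation. The constants, function names and the sample packet sizes are assumptions made for this example; no out-of-bounds write is performed, only the sizes and masks are computed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Constants modeled on the CRC-32 compensation attack detector in
 * OpenSSH's deattack.c as it stood before the February 2001 fix.
 * The values are assumptions taken from the published advisory's
 * description, not copied from any particular release.
 */
#define SSH_BLOCKSIZE   8                 /* SSH1 cipher block size */
#define HASH_MINSIZE    (8 * 1024)        /* smallest detector table, in bytes */
#define HASH_ENTRYSIZE  2                 /* one uint16_t block index per slot */
#define HASH_FACTOR(x)  ((x) * 3 / 2)     /* keep the table mostly empty */

/* Size the detector's hash table for a packet of len bytes.
 * The sizing loop itself runs in 32 bits, as in the original. */
static uint32_t table_entries_for(size_t len)
{
    uint32_t l = HASH_MINSIZE / HASH_ENTRYSIZE;   /* 4096 entries */
    while (l < HASH_FACTOR(len / SSH_BLOCKSIZE))
        l <<= 2;
    return l;
}

/* Vulnerable: the result is stored in a 16-bit variable, so 65536 becomes 0. */
uint16_t vulnerable_table_size(size_t len)
{
    uint16_t n = (uint16_t)table_entries_for(len);   /* silent truncation */
    return n;
}

/* Mask the detector uses to wrap indices into the table: HASH(c) & (n - 1).
 * With n == 0 this is 0xFFFF, so a probe can land 65535 slots past the
 * start of a table that was allocated with zero entries. */
uint16_t vulnerable_index_mask(size_t len)
{
    uint16_t n = vulnerable_table_size(len);
    return (uint16_t)(n - 1);
}

/* Fixed: keep the table size in 32 bits end to end. */
uint32_t fixed_table_size(size_t len)
{
    return table_entries_for(len);
}

uint32_t fixed_index_mask(size_t len)
{
    return fixed_table_size(len) - 1;
}

/* 1 if the largest index the probe loop can produce lies outside the
 * allocation the vulnerable code would have made, 0 otherwise. */
int vulnerable_detector_overflows(size_t len)
{
    return vulnerable_index_mask(len) >= vulnerable_table_size(len);
}

int main(void)
{
    /* Constructed sample packet lengths: small, just below and just
     * above the point where the 16-bit size wraps, and a large one. */
    size_t sizes[] = { 1024, 87384, 87392, 100000 };
    for (size_t i = 0; i < sizeof sizes / sizeof sizes[0]; i++) {
        size_t len = sizes[i];
        printf("packet %6zu bytes: 32-bit table %6u entries, "
               "16-bit table %5u entries, index mask 0x%04X, overflow=%d\n",
               len, fixed_table_size(len), vulnerable_table_size(len),
               vulnerable_index_mask(len), vulnerable_detector_overflows(len));
    }
    return 0;
}
```

With these constants the table grows 4096 -> 16384 -> 65536 entries as the packet length rises, and the first step past 16384 (a packet of 87392 bytes or more here) is exactly the one that a 16-bit variable cannot hold. The fix was of the same shape as the 32-bit functions above: widen the variable rather than touch the hashing logic.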



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:07:04 EDT