[Galen Hancock <galen at veribox.net>] Information leakage in sshd
Philip Hands
phil at hands.com
Fri Mar 10 04:12:02 EST 2000
Hi,
Thought I'd just forward this here, because I don't have time to look
into it right now, and am off skiing next week.
I'd guess that we should be checking for username = ``root'' before
going off to do password checks, and rejecting it on that basis first.
Cheers, Phil.
--
Mind-numbingly stupid UK law alert!
Act now to stop it! http://www.stand.org.uk/
-------------- next part --------------
An embedded message was scrubbed...
From: Galen Hancock <galen at veribox.net>
Subject: Information leakage in sshd
Date: Wed, 8 Mar 2000 11:20:39 -0800
Size: 1430
Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20000309/7f094309/attachment.mht
-------------- next part --------------
More information about the openssh-unix-dev
mailing list