Possible root-exploit in openssh?

[maf at appgate.com]

On 28 Nov, Fredrik Hultkrantz wrote:
> It doesn't seem to be the crc-bu but more somwthing in the line of a
> buffer overrun during the handshake

As far as I can see it is indeed the old bug in deattack.c they try to
exploit. At least I could not get the exploit you sent me to report the
sshd as vulnerable unless I backed out that old fix.

	/MaF