not being released

Dag-Erling Smørgrav des at
Wed Sep 10 18:17:02 EST 2008

"Kevin Deveau" <kdeveau at> writes:
> In theory this trapped connection can and has proven to be used for
> expolits as if the correct packet is sent to the box, using gathered
> information of course. the attacker becomes assumed by the local host
> thru a remote host and appears to be authenticated allowing executions
> based on the level of permission the frozen login has

That's a *very* tall claim with no evidence to support it.

Dag-Erling Smørgrav - des at

More information about the openssh-unix-dev mailing list