On 7/17/2015 3:19 PM, Mike Tancsa wrote:
> --
> https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactive-authentication-brute-force-vulnerability-maxauthtries-bypass/
> With this vulnerability an attacker is able to request as many password
> prompts limited by the “lo
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/23/15 07:22, Mike Tancsa wrote:
> On 7/17/2015 3:19 PM, Mike Tancsa wrote:
>> --
>> https://kingcope.wordpress.com/2015/07/16/openssh-keyboard-interactiv
e-authentication-brute-force-vulnerability-maxauthtries-bypass/
>>
>>
Wi
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/22/15 06:18, Slawa Olhovchenkov wrote:
> On Wed, Jul 22, 2015 at 02:57:46AM +, FreeBSD Security
> Advisories wrote:
>
> This is correspondent to kern/25986? Or kern/25986 is different
> bug?
I think it's the same bug.
Cheers,
- --
Xin L
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
On 07/21/15 23:52, ga...@zahemszky.hu wrote:
>> IV. Workaround
>>
>> No workaround is available, but systems that do not provide TCP
>> based service to untrusted networks are not vulnerable.
>>
>> Note that the tcpdrop(8) utility can be used to p
On Thu, Jul 23, 2015 at 12:29:57PM -0700, Xin Li wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 07/22/15 06:18, Slawa Olhovchenkov wrote:
> > On Wed, Jul 22, 2015 at 02:57:46AM +, FreeBSD Security
> > Advisories wrote:
> >
> > This is correspondent to kern/25986? Or kern/2
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
(Bcc'ed some unnamed patch authors so they can correct me if I was wrong
).
On 07/23/15 13:48, Slawa Olhovchenkov wrote:
> On Thu, Jul 23, 2015 at 12:29:57PM -0700, Xin Li wrote:
>
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA512
>>
>> On 07/22/
On Thu, Jul 23, 2015 at 02:33:31PM -0700, Xin Li wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> (Bcc'ed some unnamed patch authors so they can correct me if I was wrong
> ).
>
> On 07/23/15 13:48, Slawa Olhovchenkov wrote:
> > On Thu, Jul 23, 2015 at 12:29:57PM -0700, Xin Li wrot
