Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Jim Paris (jim_at_jtan.com)
Date: Sun Jul 28 2002 - 05:14:55 CDT
> Thanks (and to Jim Paris).
> I of course did not mean that it was OK for the client to have code
> injection "portholes". I just meant that the particular exploit path
> that was described wasn't very interesting since someone who maliciously
> controls the sshd to which you are speaking has so many other
> opportunities to exploit you.
Once again, you're wrong. "The particular exploit path that was
desscribed" does _not_ require that someone can control the sshd to
which you're speaking -- it only requires that someone can control
your TCP/IP traffic. There's a very big difference there. Obviously,
the security of your TCP/IP traffic is solved with host key
verification and cryptography. But this bug in SecureCRT happens way,
way before any of that takes place.