ssh: Prefix truncation attack on Binary Packet Protocol (BPP)

A flaw was found in the SSH channel integrity. By manipulating sequence numbers during the handshake, an attacker can remove the initial messages on the secure channel without causing a MAC failure. For example, an attacker could disable the ping extension and thus disable the new countermeasure ...

Linux Kernel 2.6.32-5 (Debian 6.0.5) - '/dev/ptmx' Key Stroke Timing Local Disclosure

!/bin/bash ptmx-su-pwdlen.sh -- This PoC determine the password length of a local user who runs "su -". Done thanks to the ptmx keystroke timing attack CVE-2013-0160. See http://vladz.devzero.fr/013ptmx-timing.php for more information. Tested on Debian 6.0.5 kernel 2.6.32-5-amd64. "THE BEER-WARE...

Linux Kernel 2.6.32-5 (Debian 6.0.5) - devptmx Key Stroke Timing Local Disclosure

Linux Kernel 2.6.32-5 Debian 6.0.5 - devptmx Key Stroke Timing Local Disclosure !/bin/bash ptmx-su-pwdlen.sh -- This PoC determine the password length of a local user who runs "su -". Done thanks to the ptmx keystroke timing attack CVE-2013-0160. See http://vladz.devzero.fr/013ptmx-timing.php for...

Entropy sources information leakage

Entropy sources can be used for keystrokes timing attack...