{"id":159,"date":"2011-08-01T23:07:46","date_gmt":"2011-08-01T21:07:46","guid":{"rendered":"http:\/\/blog.pi3.com.pl\/?p=159"},"modified":"2011-08-01T23:07:46","modified_gmt":"2011-08-01T21:07:46","slug":"useless-openssh-resources-exhausion-bug-via-gssapi","status":"publish","type":"post","link":"https:\/\/blog.pi3.com.pl\/?p=159","title":{"rendered":"Useless OpenSSH resources exhausion bug via GSSAPI"},"content":{"rendered":"<p>Long time ago, far away after mountains and forests was living OpenSSH bug&#8230; \ud83d\ude09 This vulnerability existed in the authentication algorithm for GSSAPI module. Every piece of the code pinted to the pre-authentication bug&#8230;<\/p>\n<p>Seriously, after a few time of research (un)fortunately this bug is directly after REAL authentication. So this is post-auth bug \ud83d\ude41 One call less and this will be funny pre-authentication bug&#8230; This is the reason why this bug is useless in fact and public now \ud83d\ude09<\/p>\n<p>Here is simple <a href=\"http:\/\/site.pi3.com.pl\/adv\/ssh_1.txt\">advisory<\/a> \ud83d\ude09<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Long time ago, far away after mountains and forests was living OpenSSH bug&#8230; \ud83d\ude09 This vulnerability existed in the authentication algorithm for GSSAPI module. Every piece of the code pinted to the pre-authentication bug&#8230; Seriously, after a few time of research (un)fortunately this bug is directly after REAL authentication. So this is post-auth bug \ud83d\ude41 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[],"class_list":["post-159","post","type-post","status-publish","format-standard","hentry","category-o-wszystkim-i-o-niczym"],"jetpack_featured_media_url":"","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts\/159","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=159"}],"version-history":[{"count":2,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts\/159\/revisions"}],"predecessor-version":[{"id":161,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=\/wp\/v2\/posts\/159\/revisions\/161"}],"wp:attachment":[{"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=159"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=159"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.pi3.com.pl\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=159"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}