Comment by integralid

Comment by integralid 2 days ago

1 reply

View on Hacker News

Does it even work with openssh example? Pwning the parser progress will let attacker spoof arbitrary communication, which in case of SSH lets them execute arbitrary commands. Or is there a smart way to work around that?

deredede 2 days ago

You can send arbitrary commands, but they will be rejected unless you provide valid credentials first.

Reply View 0 replies