Since I'm fairly unfamiliar with the specific details of the SSH protocol, I was wondering if it was possible for a compromised SSHd server to upload a malicious payload (like a Trojan or some other nefarious code) back to a completely uncompromised client who was connecting to it.
I suppose a poorly-coded SSH client could definitely fall victim to this kind of attack through some sort of buffer overflow, but could it happen to something extremely well-maintained, stable, and battle-tested like the OpenSSH client? If so, has a documented example of such an exploit occurred in the past?
Aucun commentaire:
Enregistrer un commentaire