Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > FreeBSD Security> 1999-q3

FreeBSD Security Archives: Re: Fwd: ssh-1.2.27 remote buffer ov

Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)

Udo Schweigert (ustcert.siemens.de)
Tue, 16 Nov 1999 22:37:50 +0100

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: Mychal McGrew: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Previous message: spork: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
In reply to: Mike Tancsa: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Next in thread: Mychal McGrew: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Reply: Mychal McGrew: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Reply: spork: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"

On Tue, Nov 16, 1999 at 04:13:34PM -0500, spork wrote:
> On Tue, 16 Nov 1999, Mike Tancsa wrote:
>
> > I cant help you with OpenSSH, but the patches for sshd have been commited
> > to fix the exploit in question.
>
> It seems www.ssh.fi has removed one of the patches necessary to compile
> the port (fetch: patch-ssh-1.2.27-bsd.tty.chown: www.ssh.fi: HTTP server
> returned error code 404). Anyone have a copy of this that could be put up
> on ftp.freebsd.org under distfiles?
>

I have it here. Whom should I mail it?

Regards.
-------------------------------------------------------------------------------
Udo Schweigert || Voice : +49 89 636 42170
Siemens AG, Siemens CERT || Fax : +49 89 636 41166
ZT IK 3 || email : Udo.Schweigertmchp.siemens.de
D-81730 Muenchen / Germany || : ustcert.siemens.de
PGP fingerprint || 2A 53 F6 A6 30 59 64 02 6B C4 E0 73 B2 C9 6C E7
-------------------------------------------------------------------------------

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Next message: Mychal McGrew: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Previous message: spork: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
In reply to: Mike Tancsa: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Next in thread: Mychal McGrew: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Reply: Mychal McGrew: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"
Reply: spork: "Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)"

This archive was generated by hypermail 2.0b3 on Tue Nov 16 1999 - 15:38:02 CST