Subject: SSH 1.2.26 vulnerability real or not?
From: Bluefish (P.Magnusson) (11a GMX.NET)
Date: Thu Aug 17 2000 - 10:02:42 CDT

I'm curious about an old SSH issue I stumbled across at
http://marc.theaimsgroup.com. It's regarding the old SSH 1.2.26 code.

Looking at the following flamewar between IBM, rootshell and ssh.fi:
http://marc.theaimsgroup.com/?l=rootshell-announce&m=90995421621205&w=2

IBM in short:

The "log_msg" function, called by several parts of the server program to
send information to the system log, copies user-supplied data into a local
buffer without checking that the data will fit.

IBM's fixes were indeed applied to SSH 1.2.27, from the Changelog:

* Added snprintf from ssh2.
* Tatu's sprintf -> snprintf fixes.
* Fixed potential buffer overflows.

It sounds like this is a subject which must have been researched more than
poking around at http://marc.theaimsgroup.com reveals. Anyone know if
this truly only was "potential"?

Trying to stay away from flaming SSH, but can you really commit a fix and
at the same time deny that there is no problem?

..:::::::::::::::::::::::::::::::::::::::::::::::::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
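
The unchecked-copy pattern the IBM summary describes, next to the sprintf -> snprintf style of fix the changelog lists, as an added C example. This is not the SSH 1.2.26 or 1.2.27 source and not part of the original message; the function names, buffer size and message text are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

#define LOG_BUF_SIZE 64 /* hypothetical size, small so truncation is easy to see */

/* Unbounded pattern: vsprintf writes as many bytes as the message needs,
   whatever the size of buf. Safe only if the caller bounds every argument. */
int format_unbounded(char *buf, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsprintf(buf, fmt, ap);
    va_end(ap);
    return n;
}

/* Bounded pattern: vsnprintf writes at most size bytes including the NUL.
   Returns 0 if the message fit, 1 if it was truncated, -1 on error. */
int format_bounded(char *buf, size_t size, const char *fmt, ...)
{
    va_list ap;
    if (size == 0) return -1;
    va_start(ap, fmt);
    int n = vsnprintf(buf, size, fmt, ap);
    va_end(ap);
    if (n < 0) { buf[0] = '\0'; return -1; }
    return (size_t)n >= size;
}

/* Formats a log line holding a constructed user name of name_len bytes into
   a buffer followed by guard bytes. Returns 1 if the guard is untouched. */
int demo_bounded(size_t name_len, int *truncated)
{
    struct { char buf[LOG_BUF_SIZE]; unsigned char guard[8]; } g;
    char name[256];
    if (name_len >= sizeof name) name_len = sizeof name - 1;
    memset(name, 'A', name_len);
    name[name_len] = '\0';
    memset(g.guard, 0x5a, sizeof g.guard);
    *truncated = format_bounded(g.buf, sizeof g.buf, "login attempt for user %s", name);
    for (size_t i = 0; i < sizeof g.guard; i++)
        if (g.guard[i] != 0x5a) return 0;
    return strlen(g.buf) < sizeof g.buf;
}

int main(void)
{
    int t, ok = demo_bounded(200, &t);
    printf("guard intact: %d, truncated: %d\n", ok, t);
    return 0;
}
```

The truncation flag matters for a logging path: a caller that ignores it records a cut-off line without knowing the input was oversized.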