Bugtraq mailing list archives
Re: Sun libnsl lameness
From: nrh () SFX COM (nicholas harteau)
Date: Thu, 2 Jul 1998 00:44:20 -0500
it should be noted that ssh and sshd make use of insecure functions as mentioned below. [root@squig ~/work/ssh/ssh-1.2.25] nm sshd | egrep 'getnetname|getsecretkey' [428] | 372268| 0|FUNC |GLOB |0 |UNDEF |getnetname [527] | 372280| 0|FUNC |GLOB |0 |UNDEF |getsecretkey [root@squig ~/work/ssh/ssh-1.2.25] nm ssh | grep getnetname [416] | 356736| 0|FUNC |GLOB |0 |UNDEF |getnetname George Clooney wrote:
Functions we have found vulnerable: Vulnerable key functions --------------------------------------------------- getsecretkey () : Calls getkeys_nis () Vulnerable RPC functions ---------------------------------------------------- getnetname () : Calls host2netname ()
-- nicholas harteau nrh () sfx com
Current thread:
- Sun libnsl lameness George Clooney (Jul 01)
- Re: Sun libnsl lameness nicholas harteau (Jul 01)
- pop_msg in debian/qpopper: core, but no exploit Herbert Rosmanith (Jul 02)
- Alert: ASP vulnerability with Alternate Data Streams Aleph One (Jul 02)
- ::$DATA ISAPI filter Aleph One (Jul 02)
- ePerl: bad handling of ISINDEX queries Tiago Luz Pinto (Jul 06)
- Re: ePerl: bad handling of ISINDEX queries Andrew Pimlott (Jul 08)
- Re: ePerl: bad handling of ISINDEX queries Steve Willer (Jul 08)
- notes on Port scanning Lloyd Vancil (Jul 08)
- WWW Authorization Gateway Albert Nubdy (Jul 08)
- Re: ePerl: bad handling of ISINDEX queries Andrew Pimlott (Jul 08)
- Re: Sun libnsl lameness Allanah Myles (Jul 06)
- Re: Sun libnsl lameness mib () DEAKIN EDU AU (Jul 08)
(Thread continues...)