Bugtraq mailing list archives
Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)
From: jtb () THEO2 PHYSIK UNI-STUTTGART DE (Jochen Bauer)
Date: Tue, 16 Nov 1999 20:48:36 +0100
On Tue, Nov 16, 1999 at 11:30:16AM +0100, Oystein Viggen wrote:
Blue Boar wrote:<SNIP> Debian is immune for the (somewhat messy) reasons that they do not link ssh to rsaref, last time that I checked. <SNIP>Does the fact that the international version of ssh from replay.com uses "internal rsaref" instead of the "external rsaref" in the US version make it immune to this attack too? The version is at least not as far as I can see externally linked to any rsaref library:
[...] As the buffer overflow is not located in the rsaref library itself, one cannot say that a particular version of sshd is vulnerable or not just because of the libraries it has been linked with. The start of all trouble is in rsaglue.c, where a pointer to the fixed length buffer input_data[MAX_RSA_MODULUS_LEN] in the function rsa_private_decrypt is passed to gmp_to_rsaref. However, this piece of code is only compiled in when "RSAREF" is defined during compilation time (preprocessing time, to be precise), as it first deals with the conversion of the encrypted session key from multiple precision integer format to some kind of format expected by the rsaref library functions before calling the actual decryption routine. The overflow then occurs in mpaux.c in the function "mp_linearize_msb_first". If "RSAREF" is not defined because the rsaref library functions are not used, the function "rsa_private_decrypt" compiled in in this case does not make use of such a fixed length buffer. So, in summary one may say that if a binary is linked with a RSA implematation that uses the same interface as rsaref, the "rsa_private_decrypt" function which handles the conversion from multiple precision integer to the "rsaref" format and uses the fixed length buffer input_data[MAX_RSA_MODULUS_LEN] is compiled in, and therefore i expect it to be vulnerable. -- Jochen Bauer RUS Security Team (RUS-CERT) Computer Center of the University of Stuttgart Germany ************************************************************************ *Email: jtb () theo2 physik uni-stuttgart de * * jochen.bauer () rus uni-stuttgart de * * * *PGP Public Key: * *http://ca.uni-stuttgart.de:11371/pks/lookup?op=index&search=0xB5D92889* ************************************************************************ <!-- attachment="bin0a21189" --> <HR> <UL> <LI>application/pgp-signature attachment: stored </UL>
Current thread:
- ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Blue Boar (Nov 13)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Theo de Raadt (Nov 13)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Szilveszter Adam (Nov 14)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Brian Fundakowski Feldman (Nov 14)
- BIND 8.2.2-P5 release announcement Roger Fajman (Nov 13)
- <Possible follow-ups>
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Oystein Viggen (Nov 16)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Daniel Jacobowitz (Nov 16)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Jochen Bauer (Nov 16)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Nick Craig-Wood (Nov 18)
- ProFTPd - mod_sqlpw.c Todd C. Campbell (Nov 19)
- Pandora v4 Beta 2 Software Simple Nomad (Nov 19)
- Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Ussr Labs (Nov 16)
- Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Seth R Arnold (Nov 17)
- Re: Remote D.o.S Attack in G6 FTP Server v2.0 (beta 4/5) Vulnerability Marc (Nov 17)
- SuSE Security Announcement - syslogd (a1) Thomas Biege (Nov 18)
- local users can panic linux kernel (was: SuSE syslogd advisory) Mixter (Nov 18)
- Re: local users can panic linux kernel (was: SuSE syslogd advisory) Alan Cox (Nov 19)
- Re: local users can panic linux kernel (was: SuSE syslogd advisory) Savochkin Andrey Vladimirovich (Nov 20)
- Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Theo de Raadt (Nov 13)