Bugtraq mailing list archives
Bad PRNGs revisted in FreSSH
From: "Charles M. Hannum" <root () IHACK NET>
Date: Tue, 13 Feb 2001 03:10:29 GMT
The newly announced FreSSH, when there is no /dev/urandom available, uses a `fallback' to seed its PRNG that consists of: int numfs, whichfs = 0; struct statfs *mntbuf; numfs = getmntinfo(&mntbuf, MNT_NOWAIT); while (whichfs < numfs) { ssh_rand_feed((void *) mntbuf, sizeof(struct statfs)); memset(mntbuf, 0, sizeof(struct statfs)); mntbuf++; whichfs++; } I don't think I need to tell people on this list why that's absolutely horrible; I'm just pointing out that code is still released today with crap like this. I would have thought we'd learned this lesson years ago with the AFS, krb4, Netscape, et al vulnerabilities.
Current thread:
- Bad PRNGs revisted in FreSSH Charles M. Hannum (Feb 13)
- <Possible follow-ups>
- Re: Bad PRNGs revisted in FreSSH tls (Feb 14)
- OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Valdis Kletnieks (Feb 15)
- Re: OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Thor Lancelot Simon (Feb 15)
- Re: OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Lars Hecking (Feb 15)
- OS snobbery... (was Re: Bad PRNGs revisted in FreSSH) Valdis Kletnieks (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Damien Miller (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Andrew Brown (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Joe Laffey (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Ulf Moeller (Feb 15)
- Re: Bad PRNGs revisted in FreSSH Thor Lancelot Simon (Feb 15)