Bugtraq mailing list archives

RE: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0


From: "Sports" <madboo () gwu edu>
Date: Mon, 23 Jul 2001 15:17:26 -0400

 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

What about 2.9?

- -----Original Message-----
From: Thomas Roessler [mailto:roessler () does-not-exist org]
Sent: Monday, July 23, 2001 11:42 AM
To: Florian Weimer
Cc: BUGTRAQ () SECURITYFOCUS COM; customer.service () ssh com
Subject: Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0


On 2001-07-22 10:03:31 +0200, Florian Weimer wrote:

> A quick glance at the source code suggests that SSH 2.3.0 and
> 2.4.0 have the same problem.  Is this true?

I suppose we are talking about this section of ssh 2.4.0's
sshunixuser.c:

      /* Authentication is accepted if the encrypted passwords are identical. */
    #ifdef HAVE_HPUX_TCB_AUTH
      return strncmp(encrypted_password, correct_passwd,
                     strlen(correct_passwd)) == 0;
    #else /* HAVE_HPUX_TCB_AUTH */
      return strcmp(encrypted_password, correct_passwd) == 0;
    #endif /* HAVE_HPUX_TCB_AUTH */

If I read this correctly, it's certainly not a problem unless ssh is 
compiled with HAVE_HPUX_TCB_AUTH defined.  In that case, it may or 
may not be a problem.

- -- 
Thomas Roessler                        http://log.does-not-exist.org/

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBO1x4RXuovSIevPCzEQJgrACg7nG4kHVms/VV/fjKZPcT9OV0JRIAn2pG
Aqs6zdkLUaAYXceFoA3ydrLI
=8e4m
-----END PGP SIGNATURE-----
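
Added example, not part of the original message or of the ssh source: the two comparisons from the quoted sshunixuser.c fragment side by side, showing that the strncmp() form accepts any computed value that merely begins with the stored field, including an empty one. The function names, the check_strict() variant and the sample strings are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* HAVE_HPUX_TCB_AUTH branch quoted above: compares only the first
   strlen(correct_passwd) characters of the computed value. */
static int check_prefix(const char *encrypted_password, const char *correct_passwd)
{
    return strncmp(encrypted_password, correct_passwd,
                   strlen(correct_passwd)) == 0;
}

/* #else branch quoted above: both strings must match in full. */
static int check_full(const char *encrypted_password, const char *correct_passwd)
{
    return strcmp(encrypted_password, correct_passwd) == 0;
}

/* Hypothetical stricter check (not from the ssh source): rejects an empty
   stored value, requires equal length, and compares without early exit. */
static int check_strict(const char *encrypted_password, const char *correct_passwd)
{
    size_t i, n = strlen(correct_passwd);
    unsigned char diff = 0;

    if (n == 0 || strlen(encrypted_password) != n)
        return 0;
    for (i = 0; i < n; i++)
        diff |= (unsigned char)(encrypted_password[i] ^ correct_passwd[i]);
    return diff == 0;
}

int main(void)
{
    /* Constructed sample values, not real password hashes. */
    const char *computed = "abXXXXXXXXXXX";
    const char *stored[] = { "abXXXXXXXXXXX", "abYYYYYYYYYYY", "ab", "" };
    size_t i;

    printf("%-16s %6s %6s %6s\n", "stored field", "prefix", "full", "strict");
    for (i = 0; i < sizeof stored / sizeof stored[0]; i++)
        printf("%-16s %6d %6d %6d\n", stored[i][0] ? stored[i] : "(empty)",
               check_prefix(computed, stored[i]),
               check_full(computed, stored[i]),
               check_strict(computed, stored[i]));
    return 0;
}
```

Whether the prefix behaviour matters in a given build depends on what the stored password field can contain when HAVE_HPUX_TCB_AUTH is defined, which is the open question in the message above.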

