misc/114194: incorrect detect error password

Alex Keda admin at lissyara.su
Sun Jul 1 18:40:14 UTC 2007 

>Number:         114194
>Category:       misc
>Synopsis:       incorrect detect error password
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Jul 01 18:40:13 GMT 2007
>Closed-Date:
>Last-Modified:
>Originator:     Alex Keda
>Release:        6.2
>Organization:
ussr
>Environment:
FreeBSD lissyara.int.otradno.ru 6.2-RELEASE-p5 FreeBSD 6.2-RELEASE-p5 #0: Mon Jun 25 21:34:44 MSD 2007     lissyara at lissyara.int.otradno.ru:/usr/obj/shares/src6.2/src/sys/lissyara.int.otradno.ru.ipsec.2007-03-15  i386
>Description:
Incorrect detect bad password.
example:
Jul  1 22:25:53 lissyara sshd[32925]: error: PAM: authentication error for lissyara from 192.168.254.193
Jul  1 22:25:54 lissyara sshd[32925]: error: PAM: authentication error for lissyara from 192.168.254.193
but, expression in script not contain "error", - and not match on this situation
>How-To-Repeat:
always
>Fix:
patch (not attached - incorrect type?) http://lissyara.su/patch/patch-for-sshit.diff

diff -Nru sshit.orig/Makefile sshit/Makefile
--- sshit.orig/Makefile	Mon May  7 22:43:22 2007
+++ sshit/Makefile	Sun Jul  1 22:21:19 2007
@@ -7,6 +7,7 @@
 
 PORTNAME=	sshit
 PORTVERSION=	0.6
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://anp.ath.cx/sshit/ \
 		${MASTER_SITE_LOCAL}
diff -Nru sshit.orig/files/patch-sshit.diff sshit/files/patch-sshit.diff
--- sshit.orig/files/patch-sshit.diff	Thu Jan  1 03:00:00 1970
+++ sshit/files/patch-sshit.diff	Sun Jul  1 22:16:03 2007
@@ -0,0 +1,11 @@
+--- sshit.orig	Sun Jul  1 22:13:45 2007
++++ sshit	Sun Jul  1 22:14:46 2007
+@@ -317,7 +317,7 @@
+ 
+ while (<>) {
+ 	chomp;
+-	if (/(failed|Invalid user) .*from (\d+\.\d+\.\d+\.\d+|[\da-fA-F:]+)/i ) { # IPv4 & IPv6
++	if (/(failed|error|Invalid user) .*from (\d+\.\d+\.\d+\.\d+|[\da-fA-F:]+)/i ) { # IPv4 & IPv6
+ 		$ip = $2;
+ 		if ($list{$ip}{name}) {
+ 			if ($list{$ip}{n} >= $MAX_COUNT) {


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list