Fwd: Re: [Full-Disclosure] new ssh exploit?
GomoR
bsd_sa at gomor.org
Tue Sep 16 05:18:19 PDT 2003
On Mon, Sep 15, 2003 at 08:53:56PM -0400, Mike Tancsa wrote:
>
> Has anyone around here heard of this ?
>
> ---Mike
[..]
I think it has just been commited, but not yet disclosed. See the
diff in FreeBSD CVS:
$ cd /usr/src/crypto/openssh
$ cvs diff -r1.1.1.1.2.4 -r1.1.1.7
Index: buffer.c
===================================================================
RCS file: /home/ncvs/src/crypto/openssh/buffer.c,v
retrieving revision 1.1.1.1.2.4
retrieving revision 1.1.1.7
diff -r1.1.1.1.2.4 -r1.1.1.7
15c15
< RCSID("$OpenBSD: buffer.c,v 1.16 2002/06/26 08:54:18 markus Exp $");
---
> RCSID("$OpenBSD: buffer.c,v 1.17 2003/09/16 03:03:47 deraadt Exp $");
71a72
> u_int newlen;
101,102c102,104
< buffer->alloc += len + 32768;
< if (buffer->alloc > 0xa00000)
---
>
> newlen = buffer->alloc + len + 32768;
> if (newlen > 0xa00000)
104,105c106,108
< buffer->alloc);
< buffer->buf = xrealloc(buffer->buf, buffer->alloc);
---
> newlen);
> buffer->buf = xrealloc(buffer->buf, newlen);
> buffer->alloc = newlen;
--
______________________________________________________________________
__ __
/ || \ FreeBSD Network - http://www.GomoR.org/
| __ |___/ Security Engineer
| || \
\__|| \ >I route, therefore I am<
More information about the freebsd-security
mailing list