thr3ads.net - openssh unix dev - Buffer overflow in OpenSSH 2.2.0-3.1.0 [Apr 2002]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Osmo Paananen

2002-Apr-20 07:42 UTC

Buffer overflow in OpenSSH 2.2.0-3.1.0

Hi!

I just saw this on bugtraq. Does someone have more details about this?


Subject: OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable
    buffer overflow
From: Marcell Fodor <m.fodor at mail.datanet.hu>
Date: 19 Apr 2002 22:42:51 -0000 (Sat 01:42 EEST)
To: bugtraq at securityfocus.com



effect:
	local root

 vulnerable services:

	-pass Kerberos IV TGT
	-pass AFS Token 

bug details:

	radix.c
	GETSTRING macro in radix_to_creds 
function may cause buffer overflow.
	affected buffers:
	
	    creds->service
	    creds->instance
	    creds->realm
	    creds->pinst

exploit code here: mantra.freeweb.hu

Apparently Analagous Threads

Revised OpenSSH Security Advisory (adv.token)
Revised OpenSSH Security Advisory (adv.token)
scp with F-Secure SSH2
trouble with TC
Genentech Nonclinical Biostatistics Position in South San Francisco

Search for more reasonably related threads

openssh unix dev - Apr 2002 - Buffer overflow in OpenSSH 2.2.0-3.1.0

Buffer overflow in OpenSSH 2.2.0-3.1.0

Apparently Analagous Threads

Wisdom of the Ancients