Darren Tucker
2004-Mar-06 06:57 UTC
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
bugzilla-daemon at mindrot.org wrote: >Summary: segfault if not using pam/keyboard-interactive mech and > password's expired I'm sorry to report that there is a bug in the PAM code in OpenSSH 3.8p1, and sorrier to say that I put it there. This is a NULL pointer dereference and is *not* considered to be a security vulnerability. When sshd is configured --with-pam, run with UsePAM=yes, and a user with an expired password successfully authenticates via a method other than keyboard-interactive without trying keyboard-interactive first, sshd will attempt to dereference a NULL pointer and segfault. In such a case, the user's session will be immediately terminated. If UsePAM=no (the default), this problem will not occur. The attached patch fixes this. Please test it, we would like to release a 3.8p2 soon containing this and a few other fixes. My apologies to anyone inconvenienced by this. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement. -------------- next part -------------- An embedded and charset-unspecified text was scrubbed... Name: openssh-pam-authctxt.patch Url: http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20040306/48aad78d/attachment.ksh
Apparently Analagous Threads
- [Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
- [Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
- Permission denied (publickey,password,keyboard-interactive)
- PAM, chauthtok and keyboard-interactive
- [PATCH] Do PAM chauthtok via keyboard-interactive.