Displaying 2 results from an estimated 2 matches for "300penguins".
2008 Jul 12
2
[Bug 1486] New: Improperly used buffer during KEX
...Product: Portable OpenSSH
Version: 5.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: godji at 300penguins.org
In kex.c:kex_input_kexinit, when a packet with the other side's KEX
proposal is received, it is appended into a buffer that has not been
cleared first. This could lead to problems - in particular, if that
buffer already contains an old peer proposal, the new one will be
appended but the o...
2008 Jul 12
2
[Bug 1487] New: Race condition between monitor and unprivileged child in sshd
...lassified
Product: Portable OpenSSH
Version: 5.0p1
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: sshd
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy: godji at 300penguins.org
In the v2 protocol, after a connection, the accepting process forks in
privsep_preauth(). The parent executes monitor_child_preauth() to allow
certain privsep requests necessary for authentication. The unprivileged
child runs do_ssh2_kex() followed by do_authentication2().
If KEX is fast eno...