search for: bn_sub_word

...cgi?id=1085 ------- Comment #13 from dtucker at zip.com.au 2006-10-03 20:36 ------- I'm now pretty sure this an OpenSSL bug. I helped someone else with a crash in the same place (DH GEX) and was able to reproduce it. It was a caused by a problem in UltraSPARC assembler implementation of bn_sub_words(). Since it's in the assembler code, building OpenSSL with "no-asm" will not exhibit the problem. This is from OpenSSL's CVS log: [quote] revision 1.5 date: 2005/11/15 08:02:10; author: appro; state: Exp; lines: +12 -0 Apply "better safe than sorry" approach after...

http://bugzilla.mindrot.org/show_bug.cgi?id=1085 Summary: Intermittent ssh core dumps Product: Portable OpenSSH Version: 4.2p1 Platform: Sparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: bitbucket at mindrot.org ReportedBy: js at phil.uu.nl I

...y. The very next time I get a crash and core file. The next time is successful. The next time a crash. I'm using the authmethod gssapi-with-mic using Windows 2000 as the KDC running ssh and sshd from a Solaris 9 box. Here's the backtrace from the core file: (gdb) bt #0 0xff1ff3d4 in bn_sub_words () from /usr/local/lib/libcrypto.so.0.9.8 #1 0xff1f8918 in bn_sub_part_words () from /usr/local/lib/libcrypto.so.0.9.8 #2 0xff1f9018 in bn_mul_recursive () from /usr/local/lib/libcrypto.so.0.9.8 #3 0xff1f9260 in bn_mul_recursive () from /usr/local/lib/libcrypto.so.0.9.8 (gdb) Please Reply to p...

..., CAST_cbc_encrypt, > CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, > RC5_32_decrypt, > RC5_32_encrypt, bn_add_words, bn_div_words, bn_mul_add_words, > bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4, > bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3, > des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, > des_encrypt3, > des_ncbc_encrypt, md5_block_asm_host_order, > sha1_block_asm_data_order > > Which of above are legal contenders ? > Are BSAFE/RSAREF part of above ? > > Any informati...

Hi guys, and here's a security related bug report. I think it's has been fixed in the 2.2.x-release of openssh, but I'm not sure. I tried to reproduce the problem with my 2.2.0p1 and could find any difference in the behaviour of ssh depending on wether PermitRootLogin was set to no. Could someone please confirm that this problem is not existing anymore? > When PermitRootLogin is

...CAST_decrypt, CAST_encrypt, RC4, RC5_32_cbc_encrypt, > > RC5_32_decrypt, > > RC5_32_encrypt, bn_add_words, bn_div_words, > bn_mul_add_words, > > bn_mul_comba4, bn_mul_comba8, bn_mul_words, bn_sqr_comba4, > > bn_sqr_comba8, bn_sqr_words, bn_sub_words, des_decrypt3, > > des_ede3_cbc_encrypt, des_encrypt, des_encrypt2, > > des_encrypt3, > > des_ncbc_encrypt, md5_block_asm_host_order, > > sha1_block_asm_data_order > > > > Which of above are legal contenders ? > > Are BSAFE/RSAREF part...

https://bugzilla.mindrot.org/show_bug.cgi?id=2302 Bug ID: 2302 Summary: ssh (and sshd) should not fall back to deselected KEX algos Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: security Priority: P5 Component: ssh

https://bugzilla.mindrot.org/show_bug.cgi?id=2302 Bug ID: 2302 Summary: ssh (and sshd) should not fall back to deselected KEX algos Product: Portable OpenSSH Version: 6.7p1 Hardware: All OS: All Status: NEW Severity: security Priority: P5 Component: ssh