Displaying 3 results from an estimated 3 matches for "deattack_detect".
Did you mean:
deattack_detected
2003 Aug 22
0
[PATCH] memory leaked leaving scope
...22 Aug 2003 05:34:05 -0000
@@ -112,20 +112,26 @@
if (len <= HASH_MINBLOCKS) {
for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) {
if (IV && (!CMP(c, IV))) {
- if ((check_crc(c, buf, len, IV)))
+ if ((check_crc(c, buf, len, IV))) {
+ if (h)
+ xfree(h);
return (DEATTACK_DETECTED);
- else
+ } else
break;
}
for (d = buf; d < c; d += SSH_BLOCKSIZE) {
if (!CMP(c, d)) {
- if ((check_crc(c, buf, len, IV)))
+ if ((check_crc(c, buf, len, IV))) {
+ if (h)
+ xfree(h);
return (DEATTACK_DETECTED);
- else
+ } else
break;...
2006 May 15
1
[PATCH 2/12] bug fix: openssh-4.3p2 NULL dereference
...0500
@@ -137,7 +137,7 @@ detect_attack(u_char *buf, u_int32_t len
for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
i = (i + 1) & (n - 1)) {
if (h[i] == HASH_IV) {
- if (!CMP(c, IV)) {
+ if (IV && !CMP(c, IV)) {
if (check_crc(c, buf, len, IV))
return (DEATTACK_DETECTED);
else
2001 Feb 08
0
[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability
...r (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++)
{
(*) for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED;
i = (i + 1) & (n - 1))
{
if (h[i] == HASH_IV)
{
if (!CMP(c, IV))
{
if (check_crc(c, buf, len, IV))
return (DEATTACK_DETECTED);
else
break;
}
} else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE))
{
if (check_crc(c, buf, len, IV))
return (DEATTACK_DETECTED);
else
break;
}
}
(*) h[i] = j;
}
A would-be attacker does not need to authenti...