search for: deattack_detected

Displaying 3 results from an estimated 3 matches for "deattack_detected".

2003 Aug 22
0
[PATCH] memory leaked leaving scope
...22 Aug 2003 05:34:05 -0000 @@ -112,20 +112,26 @@ if (len <= HASH_MINBLOCKS) { for (c = buf; c < buf + len; c += SSH_BLOCKSIZE) { if (IV && (!CMP(c, IV))) { - if ((check_crc(c, buf, len, IV))) + if ((check_crc(c, buf, len, IV))) { + if (h) + xfree(h); return (DEATTACK_DETECTED); - else + } else break; } for (d = buf; d < c; d += SSH_BLOCKSIZE) { if (!CMP(c, d)) { - if ((check_crc(c, buf, len, IV))) + if ((check_crc(c, buf, len, IV))) { + if (h) + xfree(h); return (DEATTACK_DETECTED); - else + } else break;...
2006 May 15
1
[PATCH 2/12] bug fix: openssh-4.3p2 NULL dereference
...0500 @@ -137,7 +137,7 @@ detect_attack(u_char *buf, u_int32_t len for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; i = (i + 1) & (n - 1)) { if (h[i] == HASH_IV) { - if (!CMP(c, IV)) { + if (IV && !CMP(c, IV)) { if (check_crc(c, buf, len, IV)) return (DEATTACK_DETECTED); else
2001 Feb 08
0
[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability
...r (c = buf, j = 0; c < (buf + len); c += SSH_BLOCKSIZE, j++) { (*) for (i = HASH(c) & (n - 1); h[i] != HASH_UNUSED; i = (i + 1) & (n - 1)) { if (h[i] == HASH_IV) { if (!CMP(c, IV)) { if (check_crc(c, buf, len, IV)) return (DEATTACK_DETECTED); else break; } } else if (!CMP(c, buf + h[i] * SSH_BLOCKSIZE)) { if (check_crc(c, buf, len, IV)) return (DEATTACK_DETECTED); else break; } } (*) h[i] = j; } A would-be attacker does not need to authentica...