similar to: [Bug 896] Inproper Input buffer handleing

http://bugzilla.mindrot.org/show_bug.cgi?id=1131 ------- Comment #18 from cove at wildpackets.com 2006-03-17 09:06 ------- It could be a bug in cryptlib, but I had the same problem with libssh and the first comment in this bug report is with a 3rd implementation. debug2: load_server_config: filename /usr/local/etc/sshd_config debug2: load_server_config: done config len = 292 debug2:

http://bugzilla.mindrot.org/show_bug.cgi?id=896 Summary: Inproper Input buffer handleing Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: openssh-bugs at mindrot.org ReportedBy: stevensm

http://bugzilla.mindrot.org/show_bug.cgi?id=1264 Summary: Channel not close by sshd Server Product: Portable OpenSSH Version: 4.3p2 Platform: Other OS/Version: HP-UX Status: NEW Severity: critical Priority: P2 Component: sshd AssignedTo: bitbucket at mindrot.org ReportedBy: ajain at hp.com

http://bugzilla.mindrot.org/show_bug.cgi?id=1258 Summary: sftp-server run although Subsystem disabled Product: Portable OpenSSH Version: 4.3p1 Platform: Other OS/Version: All Status: NEW Severity: normal Priority: P2 Component: sftp-server AssignedTo: bitbucket at mindrot.org ReportedBy:

The 4.6p1 sshd is logging this error during remote commands or file transfers: error: channel 0: chan_read_failed for istate 3 Platform is Solaris 8, 4.6p1 + OpenSSL 0.9.8d. The commands and transfers work correctly, so the error message appears to be spurious. The error message does not appear when processing logins. Otherwise 4.6p1 is running without any apparent problems. This error

Hi, I'm a little stuck on getting reverse connection working reliably from embedded devices running dropbear 0.51 to Ubuntu 8.x openssh. Connecting to local reverse socket often fails (not always) with "ssh_exchange_identification: Connection closed by remote host" My devices can reverse ssh and open a port on my server always, but often when the server is creating the reverse

We have developed a patch that enables changing the SSH window size using the tcp window size as the source. This allows SSH to obtain maximum use of the bandwidth on high BDP links. We also have a page that describes the changes and performance. http://www.psc.edu/~rapier/hpn-ssh/ The patch against CVS is included here. Common subdirectories: src/usr.bin/ssh/CVS and ssh/CVS diff -u

http://bugzilla.mindrot.org/show_bug.cgi?id=179 Summary: sshd sends channel data after sending EOF Product: Portable OpenSSH Version: 3.1p1 Platform: ix86 URL: http://www.denisbider.com OS/Version: Linux Status: NEW Severity: major Priority: P2 Component: sshd AssignedTo:

hello.. i am running openssh-3.7.1p2. on linux.It is working successfully..and daemon is running &client also connecting.But the problem is with the mips architecture when i connecting this server from remote syytem.?i got an error of buufer_get:trying to get more bytes 1 than buffer0.And client is not connecting from remote system.My out is as follows on my server ?in sshd main before

hello.. i am running openssh-3.7.1p2. on linux.It is working successfully.and daemon is running &client also connecting.But the problem is with the mips architecture when i connecting this server from remote syytem. i got an error of buufer_get:trying to get more bytes 1 than buffer0.And client is not connecting from remote system.My out is as follows on my server in sshd main before

The current code for channel.c creates an array of Channel structs (initially set to NULL) which is then iterated through, in full, every time a channel needs to be dealt with. If only one channel is in use, which is relatively common, the code still loops through the entire array. This patch creates a linked list of pointers to these structs and the code steps through the linked list. Since

Hi, At the n2k10 OpenBSD network hackathon, I finally got some time to clean up and rewrite the ssh(1) client multiplexing code. The attached diffs (one for portable OpenSSH, one for OpenBSD) are the result, and they need some testing. The revised multiplexing code uses a better protocol between the master and slave processes and I even bothered to write it up :) It tracks the control sockets

As before, it is described on our website. This should apply fairly cleanly to both portable and openbsd ssh. http://www.psc.edu/networking/hpn-ssh/ Only in openssh-3.8.1p1-dynwindow: Makefile diff -u openssh-3.8.1p1/buffer.c openssh-3.8.1p1-dynwindow/buffer.c --- openssh-3.8.1p1/buffer.c 2003-11-21 07:56:47.000000000 -0500 +++ openssh-3.8.1p1-dynwindow/buffer.c 2004-07-12 07:49:29.000000000

This is the 1st revision of the Advisory. This document can be found at: http://www.openssh.com/txt/buffer.adv 1. Versions affected: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. It is uncertain whether this error is potentially exploitable, however, we prefer to see bugs fixed proactively. 2. Solution: Upgrade to OpenSSH

Is anybody aware of this? -hc ----- Forwarded message from Alex Lambert <alambert@quickfire.org> ----- 3.7.1 was just released. Two patches for similar issues in a very short timeframe. Who do they think they are -- Microsoft? <grin> apl -------- Original Message -------- Subject: OpenSSH Security Advisory: buffer.adv Date: Wed, 17 Sep 2003 01:13:30 +0200 From: Markus Friedl

I'm seeing something unusual in 5.0p1. Let me start by saying that I'm on kind of an oddball system (HP NonStop). What I'm seeing is that at the end of an scp session, the server gets stuck in a loop. First I see a shutdown failure, followed by looping on an "ibuf_empty delayed efd 9/(0)" condition. This may have to do with some minor semantic differences in the way the

This is the 1st revision of the Advisory. This document can be found at: http://www.openssh.com/txt/buffer.adv 1. Versions affected: All versions of OpenSSH's sshd prior to 3.7 contain a buffer management error. It is uncertain whether this error is potentially exploitable, however, we prefer to see bugs fixed proactively. 2. Solution: Upgrade to OpenSSH

Hi, This diff (for portable) makes the chrooted preauth privsep process log via the monitor using a shared socketpair. It removes the need for /dev/log inside /var/empty and makes mandatory sandboxing of the privsep child easier down the road (no more socket() syscall required). Please test. -d Index: log.c =================================================================== RCS file:

Initially send this mail to user group. then realized this is more apt place. Apologies for posting in both groups... Hi all, We're using openssh version 4.7p on our linux 2.6-22 kernel. We have a Java based GUI that opens a secure shell connection to this linux box. To do something over the connection, the GUI opens a session (some times 3-4 simultaneous sessions) & once done, it will

Subject: Wildcard '*.' matches inproper files (for SAMBA DOS clients) The problem does not appear when using W9x/NT clients. Testing environment: samba: 1.9.18p10i (compiled), 2.0.5a(binary distrib), 2.0.6(compiled) on Linux RedHat 6.0 and Solaris 2.5 smb.conf: | |[global] | workgroup = WORKG | server string = Samba %v | encrypt passwords = Yes | socket