Displaying 20 results from an estimated 200 matches similar to: "Bugreport: OpenSSH-1.2.2 Server for Linux (glibc 2.1.2)"
1999 Nov 20
0
segfault in openssh-1.2pre13
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 19 Nov 1999, Berend De Schouwer wrote:
> RH6.0, Intel, openssh-1.2pre13
>
> If I generate /etc/ssh_host_key, it works, if I generate
> /root/.ssh/identity it segfaults. Every time.
Fixed. There was a buffer overrun in the filename handling.
Please try the attached patch.
Regards,
Damien Miller
> # ssh-keygen
>
2001 Jan 19
0
sshd crashes (w/ skey)
Hi!
There is a situation when sshd will crash, but it might be rather hard to reproduce. I'll try to explain the setup :)
S/KEY is compiled and installed (taken from http://www.sparc.spb.su/solaris/skey/ ) on Linux box (kernel 2.4.0). Then, OpenSSH 2.3.0p1 is compiled
with skey support. It all works fine (patch has been applied too, which fixes skey issue found in November).
Now, for the
2001 Mar 20
3
Rhosts-RSA authentication broken
Hello !
I think a problem was introduced in openssh-2.3.0p1 which is
still there in the latest openssh-2.5.2p1. I just noticed it
before my vacation and could not send this mail earlier than
today.
The problem is:
You can't use the Rhosts-RSA authentication based on the hosts.equiv
file and the host keys.
The only possible way to do rhosts-RSA authentication is to allow
the usage of the
2002 May 09
1
Bug report: OpenSSH 3.1p1
I believe auth-rhosts.c, function check_rhosts_file(), contains a bug
that shows up when doing host-based authentication where the
client_user name is not the same as the server_user name.
Line 76 reads:
strlcpy(userbuf, server_user, sizeof(userbuf));
I believe it should read:
strlcpy(userbuf, client_user, sizeof(userbuf));
Otherwise later in the function this test will fail:
/* Verify that
2016 Feb 14
5
[Bug 2541] New: Add explicit_bzero() before free() in OpenSSH-7.1p2 for auth1.c/auth2.c/auth2-hostbased.c
https://bugzilla.mindrot.org/show_bug.cgi?id=2541
Bug ID: 2541
Summary: Add explicit_bzero() before free() in OpenSSH-7.1p2
for auth1.c/auth2.c/auth2-hostbased.c
Product: Portable OpenSSH
Version: 7.1p1
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
2001 Nov 13
1
Kerberos / PAM bug in OpenSSH CVS
In do_authloop() in auth1.c(), the Kerberos 4 and 5 code both allocate, then
xfree() the client_user string. The call to do_pam_account() later in the
function then tries to use this string, resulting in a corrupt remote user.
Finally, before exiting, the function frees client_user again, resulting in a
double free and much mess.
Patch attached.
Cheers,
Simon.
--
Simon Wilkinson
2001 Nov 20
3
problem with AFS token forwarding
Hello,
I came across an interoperability problem in OpenSSH 3.0p1 and 3.0.1p1
concerning the AFS token forwarding. That means that the new versions are
not able to exchange AFS tokens (and Kerberos TGTs) with older OpenSSH
releases (including 2.9p2) and with the old SSH 1.2.2x. In my opinion this
problem already existed in Openssh 2.9.9p1, but I have never used this
version (I only looked at the
2001 Feb 16
1
OpenSSH 2.3.0p1 port to BSDI BSD/OS
BSD/OS 4.2 comes with OpenSSH 2.1.1p4, patched to support BSDI's
authentication library. However, BSDI's patches have several
problems:
1. They don't run the approval phase, so they can allow users to login
who aren't supposed to be able to.
2. They don't patch configure to automatically detect the BSDI auth
system, so they're not ready to use in a general portable
2001 Jan 26
1
[fwd] Ogg123 crash report on EV4 Multia
----- Forwarded message from Telford Tendys <telford@triode.net.au> -----
Delivery-Date: Thu Jan 25 22:22:57 2001
Date: Fri, 26 Jan 2001 16:26:27 +1100
From: Telford Tendys <telford@triode.net.au>
To: feedback@vorbis.com
Subject: Comments on your code
User-Agent: Mutt/1.2.5i
Dear Vorbis,
I didn't even know about ogg or vorbis until I was at a conference
and someone said, ``if
2005 Feb 24
3
Suggestion: SSHD pseudo/fake mode. Source available.
Hi,
SSH brute force attacks seem to enjoy increasing popularity. Call me an
optimist or a misrouted kind of contributer to the community, but on our
company server I actually go through the logs and report extreme cases
to the providers of the originating IP's. With the increasing number of
these attacks, however, I have now decided that it's better to move the
SSHd to a different
2001 Nov 19
3
WineLib Seg Fault?
A question for the WineLib guru's :)
I am using the wine-20011108 build with Mandrake 8.0 and with this
version of wine clean compiled and installed I can run several windows
programs very successfully :).
Then I use winemaker to create a WineLib 'so' file and the compile and
link again runs clean.
But when I run the resulting 'so' file using this command line:
$
2002 Jun 28
2
ssh_rsa_verify: RSA_verify failed: error:
Host based authentication does not seem to be working for us after
upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at
0.96d). Any time we try to connect from another unix box also running
openssh-3.4p1, we get the following error (on the server side) and host
based auth fails (it falls back to password prompt).
sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:
2002 Jul 18
1
[Bug 342] RhostsRSAAuthentication does not work with 3.4p1
http://bugzilla.mindrot.org/show_bug.cgi?id=342
stevesk at pobox.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From stevesk at pobox.com 2002-07-18
2000 Feb 01
3
logging RSA key IDs
Hi. To compartmentalize things a bit (e.g., to help limit the damage
should one of my machines be hacked and my private RSA keys stolen) I
use different RSA key pairs on my different client machines.
So it occurs to me that it would be nice if ssh could log which key
was used when logging in to a particular account that has more than
one entry in .ssh/authorized_keys. Right now it simply says
2000 May 15
1
AIX authenticate patches
Here are some patches to re-enable support for AIX's authenticate
routines. With them, ssh will honor locked & unlocked accounts, record
successful and unsuccessful logins, and deny accounts that are
prohibited to log in via the network. Tested with AIX 4.3.
It also includes a fix for handling SIGCHLD that may be needed for
other platforms (HP-UX 10.20, for example).
If I get the time
1999 Dec 07
1
Serious Bug Report: OpenSSH
Adrian Baugh wrote:
>
> Hi,
> I'm using the Linux port of OpenSSH 1.2-pre15.
> One of my users complained of not being able to log in using password
> authentication but being able to log in okay using RSA authentication.
> I set up the server in debug mode and got the following for RSA
> authentication (usernames, machine names and IPs obfuscated):
I think I have found
2006 Apr 04
0
Need help debugging (long)
Thanks!
This is in regards to bug 3084, I am trying to find out why samba is
crashing. I am using glibc-2.4 with nptl threads. It seems to be a memory
or threading issue. Thanks for any help.
Running smbd through gdb:
Breakpoint 6, charset_name (ch=CH_DISPLAY) at lib/charcnv.c:57
57 const char *ret = NULL;
(gdb)
Continuing.
Substituting charset 'ANSI_X3.4-1968' for
2004 Jul 21
2
Rose Diagrams
Hi,
Is it possible to create Rose Diagrams of wind data (speed & direction) with
R??
Best regards,
Lars Peters
-----
Lars Peters
University of Konstanz
Limnological Institute
D-78457 Konstanz
Germany
phone: +49 (0)7531 88-2930
fax: +49 (0)7531 88-3533
e-mail: Lars.Peters@Uni-Konstanz.de
web: Lars Peters
<http://www.uni-konstanz.de/sfb454/tp_eng/A1/doc/peters/peters.html>
2013 Jan 25
5
[Bug 2064] New: Enable logging of client_user at INFO priority rather than DEBUG2
https://bugzilla.mindrot.org/show_bug.cgi?id=2064
Bug ID: 2064
Summary: Enable logging of client_user at INFO priority rather
than DEBUG2
Classification: Unclassified
Product: Portable OpenSSH
Version: 5.8p2
Hardware: All
OS: All
Status: NEW
Severity: enhancement
2004 Feb 11
2
shorewall-docs-html-1.4.10a bugreport
shorewall-docs-html-1.4.10a is missing following files:
Banner.htm
Shorewall_index_frame.htm
seattle_firewall_index.htm
Or there should be different index.htm in tar. There might be other
missing files but that''s what I found out immidiately when I tried to
check local docs.
--
Tuomo Soini <tis@foobar.fi>
Linux and network services
+358 40 5240030
Foobar Oy