Displaying 20 results from an estimated 3000 matches similar to: "Revised OpenSSH Security Advisory (adv.token)"
2002 Apr 26
0
Revised OpenSSH Security Advisory (adv.token)
This is the 2nd revision of the Advisory.
Buffer overflow in OpenSSH's sshd if AFS has been configured on the
system or if KerberosTgtPassing or AFSTokenPassing has been enabled
in the sshd_config file. Ticket and token passing is not enabled
by default.
1. Systems affected:
All Versions of OpenSSH with AFS/Kerberos token passing
compiled in and enabled (either in the
2002 Apr 21
3
OpenSSH Security Advisory (adv.token)
A buffer overflow exists in OpenSSH's sshd if sshd has been compiled
with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing
has been enabled in the sshd_config file. Ticket and token passing
is not enabled by default.
1. Systems affected:
All Versions of OpenSSH compiled with AFS/Kerberos support
and ticket/token passing enabled contain a buffer overflow.
2002 Apr 21
3
OpenSSH Security Advisory (adv.token)
A buffer overflow exists in OpenSSH's sshd if sshd has been compiled
with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing
has been enabled in the sshd_config file. Ticket and token passing
is not enabled by default.
1. Systems affected:
All Versions of OpenSSH compiled with AFS/Kerberos support
and ticket/token passing enabled contain a buffer overflow.
2002 Apr 20
0
Buffer overflow in OpenSSH 2.2.0-3.1.0
Hi!
I just saw this on bugtraq. Does someone have more details about this?
Subject: OpenSSH 2.2.0 - 3.1.0 server contains a locally exploitable
buffer overflow
From: Marcell Fodor <m.fodor at mail.datanet.hu>
Date: 19 Apr 2002 22:42:51 -0000 (Sat 01:42 EEST)
To: bugtraq at securityfocus.com
effect:
local root
vulnerable services:
-pass Kerberos IV TGT
-pass AFS Token
bug
2002 Jun 26
0
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory.
1. Versions affected:
Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3
contain an input validation error that can result in an
integer overflow and privilege escalation.
All versions between 2.3.1 and 3.3 contain a bug in the
PAMAuthenticationViaKbdInt code.
All versions between 2.9.9 and 3.3
2002 Jun 26
1
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory.
1. Versions affected:
Serveral versions of OpenSSH's sshd between 2.3.1 and 3.3
contain an input validation error that can result in an
integer overflow and privilege escalation.
All versions between 2.3.1 and 3.3 contain a bug in the
PAMAuthenticationViaKbdInt code.
All versions between 2.9.9 and 3.3
2002 May 02
0
[Bug 234] New: OpenSSH does not compile on OpenBSD 3.1
http://bugzilla.mindrot.org/show_bug.cgi?id=234
Summary: OpenSSH does not compile on OpenBSD 3.1
Product: Portable OpenSSH
Version: -current
Platform: ix86
OS/Version: OpenBSD
Status: NEW
Severity: normal
Priority: P1
Component: Build system
AssignedTo: openssh-unix-dev at mindrot.org
2002 Aug 09
0
patch to ssh.c for KerberosTgtPassing and readability patches for config files and manpages
Hey All,
Found a very minor problem with client implementation of
KerberosTgtPassing command line flag in ssh.c (first diff). We also
made some readability patches to the config files and manpages to make
the option clearer (the remainder of the diffs).
diffs are against -current
Index: ssh.c
===================================================================
RCS file:
2008 Nov 23
0
Revised: OpenSSH security advisory: cbc.adv
Hi,
There was an error in the original advisory. The estimate of 32768
attempts to carry out a successful attack is incorrect. The correct
estimate is 11356 attempts. A revised version is now available at:
http://www.openssh.com/txt/cbc.adv
The advisory and its recommendations are otherwise unchanged.
-d
2008 Nov 23
0
Revised: OpenSSH security advisory: cbc.adv
Hi,
There was an error in the original advisory. The estimate of 32768
attempts to carry out a successful attack is incorrect. The correct
estimate is 11356 attempts. A revised version is now available at:
http://www.openssh.com/txt/cbc.adv
The advisory and its recommendations are otherwise unchanged.
-d
2011 May 03
0
Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv
OpenSSH Security Advisory: portable-keysign-rand-helper.adv
This document may be found at:
http://www.openssh.com/txt/portable-keysign-rand-helper.adv
1. Vulnerability
Portable OpenSSH's ssh-keysign utility may allow unauthorised
local access to host keys on platforms if ssh-rand-helper is
used.
2. Affected configurations
Portable OpenSSH prior to version
2002 May 03
0
AFS/Kerberos authentication problems on IRIX 6.5.15
With a little help, I managed to get ssh to compile. (original post
05.02.02) Now, I can login using an account that is local to the
target machine but logins with AFS accounts fail.
The details:
IRIX 6.5.15
ssh 3.1.p1
gcc 3.0.1
ssl-0.9.6c
zlib-1.1.4.
I am configuring with:
env CC=gcc CFLAGS=-g
LDFLAGS=-Wl,-rpath,/usr/local/krb4/lib,-rpath,/usr/local/ssl/lib
./configure
2011 May 03
1
Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv
OpenSSH Security Advisory: portable-keysign-rand-helper.adv
This document may be found at:
http://www.openssh.com/txt/portable-keysign-rand-helper.adv
1. Vulnerability
Portable OpenSSH's ssh-keysign utility may allow unauthorised
local access to host keys on platforms if ssh-rand-helper is
used.
2. Affected configurations
Portable OpenSSH prior to version
2002 Jun 26
0
OpenSSH Security Advisory (adv.iss)
1. Versions affected:
All versions of OpenSSH's sshd between 2.9.9 and 3.3
contain an input validation error that can result in
an integer overflow and privilege escalation.
OpenSSH 3.4 and later are not affected.
OpenSSH 3.2 and later prevent privilege escalation
if UsePrivilegeSeparation is enabled in sshd_config.
OpenSSH 3.3 enables
2001 Sep 26
0
OpenSSH Security Advisory (adv.option)
Weakness in OpenSSH's source IP based access control
for SSH protocol v2 public key authentication.
1. Systems affected:
Versions of OpenSSH between 2.5.x and 2.9.x using
the 'from=' key file option in combination with
both RSA and DSA keys in ~/.ssh/authorized_keys2.
2. Description:
Depending on the order of the user keys in
~/.ssh/authorized_keys2 sshd might
2002 Jun 26
2
OpenSSH Security Advisory (adv.iss)
1. Versions affected:
All versions of OpenSSH's sshd between 2.9.9 and 3.3
contain an input validation error that can result in
an integer overflow and privilege escalation.
OpenSSH 3.4 and later are not affected.
OpenSSH 3.2 and later prevent privilege escalation
if UsePrivilegeSeparation is enabled in sshd_config.
OpenSSH 3.3 enables
2000 Apr 09
2
Password Login Failing... (Not sure this went through)
Appologise if this did make it to the list but I just subscribed and
didn't see it come back...
I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything
seems to be working (not quite smooth sailing - I had to resort to
precompiled RPM for OpenSSL). I did however get it "working." I
generated a host key as root and then changed back to joe-user. I created
a key for
2000 Apr 09
0
Non-member submission from [Keith Baker <ssh@par.dhs.org>] (fwd)
From: Keith Baker <ssh at par.dhs.org>
To: openssh-unix-dev at mindrot.org
Subject: Password Login Failing...
I am attmepting to install ssh/sshd on my RH6.1 Intel Box. Everything
seems to be working (not quite smooth sailing - I had to resort to
precompiled RPM for OpenSSL). I did however get it "working." I
generated a host key as root and then changed back to joe-user. I
2002 Mar 09
0
krb5 problem: KRB5CCNAME is ""; possible fix for OpenSSH 3.0.2p1
I'm using a OpenSSH 3.0.2p1 with the krb5 patch from
<http://www.sxw.org.uk/computing/patches/openssh.html>.
I'm getting KRB5CCNAME set to "" even though
<http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=98269278629018&w=2>
mentions fixing it. This causes things like kinit to
fail with a somewhat uninformative error message.
The relevant sshd_config lines
2002 Jan 23
1
Fix AFS and Kerberos interaction
Hello,
I going to use ssh with Kerberos V5 support along with support for AFS. I
don't want to use Kerberos V4 or AFS token passing. The only thing I need
from AFS is creating an AFS token (using appropriate function from krb5 API)
after user's authentication. It seems to me that such scenario is not much
supported by the current code. Rather it is assumed only Kerberos 4 will be
used