Displaying 20 results from an estimated 3000 matches similar to: "Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv"
2011 May 03
1
Revised: Portable OpenSSH security advisory: portable-keysign-rand-helper.adv
OpenSSH Security Advisory: portable-keysign-rand-helper.adv
This document may be found at:
http://www.openssh.com/txt/portable-keysign-rand-helper.adv
1. Vulnerability
Portable OpenSSH's ssh-keysign utility may allow unauthorised
local access to host keys on platforms if ssh-rand-helper is
used.
2. Affected configurations
Portable OpenSSH prior to version
2011 May 03
0
Announce: Portable OpenSSH 5.8p2 released
Portable OpenSSH 5.8p2 has just been released. It will be available
from the mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their
continued support of the project, especially those who contributed
code or
2003 Jun 11
2
[PATCH] Fix typos, OpenBSD + Portable
Hi.
Whenever I notice a typo someplace, I fix it in a local "typo tree".
Attached are 2 patches from that tree, one against OpenBSD and the other
against Portable.
Is it worth fixing these?
-Daz.
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
2011 Jun 08
5
[Bug 1912] New: 5.8 ssh-keysign lacks ECDSA support
https://bugzilla.mindrot.org/show_bug.cgi?id=1912
Summary: 5.8 ssh-keysign lacks ECDSA support
Product: Portable OpenSSH
Version: 5.8p2
Platform: All
OS/Version: All
Status: NEW
Severity: critical
Priority: P2
Component: Miscellaneous
AssignedTo: unassigned-bugs at mindrot.org
ReportedBy:
2003 Apr 30
4
Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)
1. Systems affected:
Users of Portable OpenSSH prior to 3.6.1p2 on AIX are affected
if OpenSSH was compiled using a non-AIX compiler (e.g. gcc).
Please note that the IBM-supplied OpenSSH packages[1] are
not vulnerable.
2. Description:
The default behavior of the runtime linker on AIX is to search
the current directory for dynamic libraries before searching
system paths. This is done
2003 Apr 30
4
Portable OpenSSH: Dangerous AIX linker behavior (aixgcc.adv)
1. Systems affected:
Users of Portable OpenSSH prior to 3.6.1p2 on AIX are affected
if OpenSSH was compiled using a non-AIX compiler (e.g. gcc).
Please note that the IBM-supplied OpenSSH packages[1] are
not vulnerable.
2. Description:
The default behavior of the runtime linker on AIX is to search
the current directory for dynamic libraries before searching
system paths. This is done
2003 Mar 31
1
[Bug 526] potential ssh-keysign segfault if pktype == KEY_UNSPEC
http://bugzilla.mindrot.org/show_bug.cgi?id=526
Summary: potential ssh-keysign segfault if pktype == KEY_UNSPEC
Product: Portable OpenSSH
Version: 3.6p1
Platform: All
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-unix-dev at mindrot.org
2004 Dec 17
0
ssh-keysign bug?
I use ssh in a batch environment (www.pbspro.com) and am using host based
authentication to allow sshes between some resources. When I converted from
openssh 3.1 to newer versions (up to and including 3.8 where ssh-keysign was
moved to a standalone binary) I had issues with ssh-keysign failing with the
error "bad fd". A little exploring showed that this was happening because
in the
2003 Apr 02
1
broken ssh-keysign for openssh 3.6.1p1 on Solaris 8
The latter versions of openssh (3.4,3.5 and 3.6.1) all seem to suffer
from a broken ssh-keysign binary. This causes HostbasedAuthentication to
fail.
We have installed 3.6.1p1 on a Solaris 8 machine using
openssl-0.9.6i. This fails thusly
ssh server
<......some \digits removed - a key perhaps?>
ssh_keysign: no reply
key_sign failed
a at server's password
For version 3.4p1 we patched
2002 Jun 07
0
[Bug 268] New: ssh-keysign build failure on AIX with gcc
http://bugzilla.mindrot.org/show_bug.cgi?id=268
Summary: ssh-keysign build failure on AIX with gcc
Product: Portable OpenSSH
Version: -current
Platform: Other
OS/Version: AIX
Status: NEW
Severity: normal
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-unix-dev at mindrot.org
2002 Jun 26
0
[Bug 304] New: ssh-keysign memory freeing bug
http://bugzilla.mindrot.org/show_bug.cgi?id=304
Summary: ssh-keysign memory freeing bug
Product: Portable OpenSSH
Version: -current
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P2
Component: Miscellaneous
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: openssh
2020 Apr 25
2
[PATCH 1/3] Add private key protection information extraction to ssh-keygen
Add private key protection information extraction to ssh-keygen using -v
option on top of -y option which is already parsing the private key.
Technically, the passphrase isn't necessary to do this, but it is the
most logical thing to do for me.
Adding this to -l option is not appropriate because fingerprinting is
using the .pub file when available.
Another idea is to add a new option, I
2002 Jun 07
1
[Bug 268] ssh-keysign build failure on AIX with gcc
http://bugzilla.mindrot.org/show_bug.cgi?id=268
------- Additional Comments From dtucker at zip.com.au 2002-06-07 17:34 -------
Created an attachment (id=108)
Conditionally define __progname in ssh-keysign.c
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2008 Nov 23
0
Revised: OpenSSH security advisory: cbc.adv
Hi,
There was an error in the original advisory. The estimate of 32768
attempts to carry out a successful attack is incorrect. The correct
estimate is 11356 attempts. A revised version is now available at:
http://www.openssh.com/txt/cbc.adv
The advisory and its recommendations are otherwise unchanged.
-d
2002 Apr 26
0
Revised OpenSSH Security Advisory (adv.token)
This is the 2nd revision of the Advisory.
Buffer overflow in OpenSSH's sshd if AFS has been configured on the
system or if KerberosTgtPassing or AFSTokenPassing has been enabled
in the sshd_config file. Ticket and token passing is not enabled
by default.
1. Systems affected:
All Versions of OpenSSH with AFS/Kerberos token passing
compiled in and enabled (either in the
2002 Jun 26
0
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory.
1. Versions affected:
Several versions of OpenSSH's sshd between 2.3.1 and 3.3
contain an input validation error that can result in an
integer overflow and privilege escalation.
All versions between 2.3.1 and 3.3 contain a bug in the
PAMAuthenticationViaKbdInt code.
All versions between 2.9.9 and 3.3
2002 Apr 26
0
Revised OpenSSH Security Advisory (adv.token)
This is the 2nd revision of the Advisory.
Buffer overflow in OpenSSH's sshd if AFS has been configured on the
system or if KerberosTgtPassing or AFSTokenPassing has been enabled
in the sshd_config file. Ticket and token passing is not enabled
by default.
1. Systems affected:
All Versions of OpenSSH with AFS/Kerberos token passing
compiled in and enabled (either in the
2008 Nov 23
0
Revised: OpenSSH security advisory: cbc.adv
Hi,
There was an error in the original advisory. The estimate of 32768
attempts to carry out a successful attack is incorrect. The correct
estimate is 11356 attempts. A revised version is now available at:
http://www.openssh.com/txt/cbc.adv
The advisory and its recommendations are otherwise unchanged.
-d
2002 Jun 26
1
Revised OpenSSH Security Advisory (adv.iss)
This is the 2nd revision of the Advisory.
1. Versions affected:
Several versions of OpenSSH's sshd between 2.3.1 and 3.3
contain an input validation error that can result in an
integer overflow and privilege escalation.
All versions between 2.3.1 and 3.3 contain a bug in the
PAMAuthenticationViaKbdInt code.
All versions between 2.9.9 and 3.3
2005 Jul 28
1
[LLVMdev] [patch] gccld not properly constructing paths when checking for bytecode
I was getting some weird errors from gccld and traced it to path
construction in isBytecodeLPath. If the path doesn't end with a /,
then Path just tries to stick filenames onto it, which is not so good.
It would be more efficient to just add a "/" to the path once, I
guess.
Also, I had to touch lib/System/Path.cpp to get my changes to Path.inc
noticed; it seems the build system