[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] [MSA080709-001] OpenSSH Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] [MSA080709-001] OpenSSH Vulnerability
From: mrdkaaa <mrdkaaa@xxxxxxxxx>
Date: Wed, 09 Jul 2008 09:30:59 +0200 (CEST)

Mrdkaaa Security Advisory 080709-001

Package : OpenSSH
Date    : July 09, 2008


1. Details

[openssh-5.0p1/auth1.c]

   234  static void
   235  do_authloop(Authctxt *authctxt)

   345                          len = buffer_len(&loginmsg);
   346                          buffer_append(&loginmsg, "\0", 1);
   347                          msg = buffer_ptr(&loginmsg);

   354                          packet_disconnect(msg);


[openssh-5.0p1/packet.c]

  1377  void
  1378  packet_disconnect(const char *fmt,...)

  1392          va_start(args, fmt);
  1393          vsnprintf(buf, sizeof(buf), fmt, args);
  1394          va_end(args);


2. Analysis

  100% lame


3. Detection

  -rwsr-sr-x 1 root root 678832 2008-07-09 03:47 /tmp/sh
  root     pts/1    1.3.3.7          03:48    0.00s  0.00s  0.00s /tmp/sh


4. Pwnie Awards 2008

  To submit a nomination, visit the Pwnie Awards site at 
http://pwnie-awards.org/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: Re: [Full-disclosure] Critical flaw rocks the internet
Next by Date: Re: [Full-disclosure] New round of SSH scan IP's
Previous by thread: [Full-disclosure] [ MDVSA-2008:138 ] - Updated OpenOffice.org packages fix vulnerability
Next by thread: [Full-disclosure] Assurent VR - Adobe RoboHelp Server SQL Injection Vulnerability
Index(es):
- Date
- Thread