[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200309152331.h8FNVuJ3030952@mailserver2.hushmail.com>
From: auto64746 at hushmail.com (auto64746@...hmail.com)
Subject: openssh remote exploit
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
you can see the 2 bugs in this code?, seems to of me that theo could
not. i am of understanding that there are exploits working on this in
the wild. 3 remote holes in default install now !
hahaha
void *
buffer_append_space(Buffer *buffer, u_int len)
{
void *p;
if (len > 0x100000)
fatal("buffer_append_space: len %u not supported", len);
/* If the buffer is empty, start using it from the beginning.
*/
if (buffer->offset == buffer->end) {
buffer->offset = 0;
buffer->end = 0;
}
restart:
/* If there is enough space to store all data, store it now.
*/
if (buffer->end + len < buffer->alloc) {
p = buffer->buf + buffer->end;
buffer->end += len;
return p;
}
/*
* If the buffer is quite empty, but all data is at the end,
move the
* data to the beginning and retry.
*/
if (buffer->offset > buffer->alloc / 2) {
memmove(buffer->buf, buffer->buf + buffer->offset,
buffer->end - buffer->offset);
buffer->end -= buffer->offset;
buffer->offset = 0;
goto restart;
}
/* Increase the size of the buffer and retry. */
buffer->alloc += len + 32768;
if (buffer->alloc > 0xa00000)
fatal("buffer_append_space: alloc %u not supported",
buffer->alloc);
buffer->buf = xrealloc(buffer->buf, buffer->alloc);
goto restart;
/* NOTREACHED */
}
-----BEGIN PGP SIGNATURE-----
Note: This signature can be verified at https://www.hushtools.com/verify
Version: Hush 2.3
wkYEARECAAYFAj9mSqAACgkQO4YmZKj9rSu4mQCeMS8jvadKaKO01kAwl3Ykwirr9ZEA
oLOwzsupmVKP+z1R/5OSlu8NHngf
=c0bi
-----END PGP SIGNATURE-----
Concerned about your privacy? Follow this link to get
FREE encrypted email: https://www.hushmail.com/?l=2
Free, ultra-private instant messaging with Hush Messenger
https://www.hushmail.com/services.php?subloc=messenger&l=434
Promote security and make money with the Hushmail Affiliate Program:
https://www.hushmail.com/about.php?subloc=affiliate&l=427
Powered by blists - more mailing lists