[<prev] [next>] [day] [month] [year] [list]
Message-Id: <13.19-4153-28424513-1215588658@stream.cz>
Date: Wed, 09 Jul 2008 09:30:59 +0200 (CEST)
From: mrdkaaa <mrdkaaa@...eam.cz>
To: full-disclosure@...ts.grok.org.uk
Subject: [MSA080709-001] OpenSSH Vulnerability
Mrdkaaa Security Advisory 080709-001
Package : OpenSSH
Date : July 09, 2008
1. Details
[openssh-5.0p1/auth1.c]
234 static void
235 do_authloop(Authctxt *authctxt)
345 len = buffer_len(&loginmsg);
346 buffer_append(&loginmsg, "\0", 1);
347 msg = buffer_ptr(&loginmsg);
354 packet_disconnect(msg);
[openssh-5.0p1/packet.c]
1377 void
1378 packet_disconnect(const char *fmt,...)
1392 va_start(args, fmt);
1393 vsnprintf(buf, sizeof(buf), fmt, args);
1394 va_end(args);
2. Analysis
100% lame
3. Detection
-rwsr-sr-x 1 root root 678832 2008-07-09 03:47 /tmp/sh
root pts/1 1.3.3.7 03:48 0.00s 0.00s 0.00s /tmp/sh
4. Pwnie Awards 2008
To submit a nomination, visit the Pwnie Awards site at http://pwnie-awards.org/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists