From owner-freebsd-security  Wed May 28 14:50:59 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.5/8.8.5) id OAA05306
          for security-outgoing; Wed, 28 May 1997 14:50:59 -0700 (PDT)
Received: from mx1.cso.uiuc.edu (mx1.cso.uiuc.edu [128.174.5.37])
          by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id OAA05301
          for <freebsd-security@freebsd.org>; Wed, 28 May 1997 14:50:52 -0700 (PDT)
Received: from alecto.physics.uiuc.edu (alecto.physics.uiuc.edu [128.174.83.167])
	by mx1.cso.uiuc.edu (8.8.5/8.8.5) with SMTP id QAA28509
	for <@mailhost.uiuc.edu:freebsd-security@freebsd.org>; Wed, 28 May 1997 16:50:49 -0500 (CDT)
Received: by alecto.physics.uiuc.edu (940816.SGI.8.6.9/940406.SGI)
	for freebsd-security@freebsd.org id QAA09204; Wed, 28 May 1997 16:48:08 -0500
Date: Wed, 28 May 1997 16:48:08 -0500
From: igor@alecto.physics.uiuc.edu (Igor Roshchin)
Message-Id: <199705282148.QAA09204@alecto.physics.uiuc.edu>
To: freebsd-security@freebsd.org
Subject: sshd: input bufer overflow
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


Hello, computer gurus!

I am not sure if this might be a reason to worry about,
but probably somebody might clear this up.

I am running 2.1.7-RELEASE FreeBSD 2.1.7-RELEASE #0: Sun Feb 23 01:01:32 EST 1997 
on P5 computer.
I have 1.2.17 sshd running.

Today I found the following strings in my log:

May 28 10:42:28 kurort /kernel: ep0: Status: 2002 (input buffer overflow)
May 28 10:42:28 kurort sshd[3334]: fatal: Local: Bad packet length 761285176.


I know, that this was not an attempt of a break in, but
I am just thinking if this can be a source for the DOS-attack,
or something like that.

Sorry, if this is known already and was fixed in the recent version of sshd.

Best regards,

IgoR