Date: Tue, 16 Nov 1999 15:14:29 -0500 (EST) From: spork <spork@super-g.com> To: relapz <relapz@purefusion.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Message-ID: <Pine.BSF.4.00.9911161511340.5841-100000@super-g.com> In-Reply-To: <Pine.BSF.4.10.9911161121130.676-100000@frosty.purefusion.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Also, has anyone been able to get openssh to compile on a 2.2 system? The
openssl port fails due to a flag to ld which does not exist back in 2.2
land, but grabbing the source and compiling from scratch works. However
openssh fails as shown below... If anyone has patches for 2.2, please
post them.
Thanks,
Charles
/usr/ports/security/openssh/work/ssh/lib/../channels.c: In function
`channel_free':
/usr/ports/security/openssh/work/ssh/lib/../channels.c:175: `SHUT_RDWR'
undeclared (first use this function)
/usr/ports/security/openssh/work/ssh/lib/../channels.c:175: (Each
undeclared identifier is reported only once
/usr/ports/security/openssh/work/ssh/lib/../channels.c:175: for each
function it appears in.)
/usr/ports/security/openssh/work/ssh/lib/../channels.c: In function
`channel_request_local_forwarding':
/usr/ports/security/openssh/work/ssh/lib/../channels.c:879:
`INADDR_LOOPBACK' undeclared (first use this function)
/usr/ports/security/openssh/work/ssh/lib/../channels.c: In function
`x11_create_display_inet':
/usr/ports/security/openssh/work/ssh/lib/../channels.c:1086: warning: type
mismatch with previous external decl
/usr/ports/security/openssh/work/ssh/lib/../channels.c:863: warning:
previous external decl of `options'
/usr/ports/security/openssh/work/ssh/lib/../channels.c:1110: `SHUT_RDWR'
undeclared (first use this function)
*** Error code 1
---
Charles Sprickman
spork@super-g.com
---
"...there's no idea that's so good you can't
ruin it with a few well-placed idiots."
On Tue, 16 Nov 1999, relapz wrote:
> seeing as we are on the OpenSSH/ssh front, i've decided to ditch ssh in
> favour of OpenSSH.
>
> However, I seem to be getting some odd errors when someone connects to the
> new OpenSSH server daemon:
>
> Nov 16 11:18:35 <4.4> frosty sshd[1146]: set class 'default' resource
> limit datasize: Operation not permitted
> Nov 16 11:18:35 <4.4> frosty sshd[1146]: set class 'default' resource
> limit stacksize: Operation not permitted
> Nov 16 11:18:35 <4.4> frosty sshd[1146]: set class 'default' resource
> limit maxproc: Operation not permitted
> Nov 16 11:18:35 <4.4> frosty sshd[1146]: set class 'default' resource
> limit openfiles: Operation not permitted
>
> Can someone shed some light on what exactly causes these? Should i be
> worried about a misconfig or is this normal. thanx,
>
> DJM:>
>
> On Mon, 15 Nov 1999, Warner Losh wrote:
>
> > In message <4.1.19991114000355.04d7f230@granite.sentex.ca> Mike Tancsa writes:
> > : Is there a patch to this ? Or is openssh the way to go ?
> >
> > Damn. I had a patch before taking off for the weekend, but didn't
> > have time to commit it. I'll commit it in a little bit if no one has
> > done so already.
> >
> > Warner
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-security" in the body of the message
> >
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.00.9911161511340.5841-100000>