Subject: Re: OpenPAM/SSHD privacy hole (FreeBSD 9.2+ affected)
From: Carlo Strub
To: az@azsupport.com
Cc: freebsd-security@freebsd.org, des@freebsd.org
Date: Wed, 23 Oct 2013 14:06:26 +0200
Message-ID: <1382529986.729788.498652166.90148.2@c-st.net>
In-Reply-To: <20131023135408.38752099@azsupport.com>

23/10/2013 13:56 - Andrei wrote:
> Hello,
>
> I found that in the new FreeBSD 9.2 (probably in 10 also) updated OpenPAM sources.
> The big embarrassment was in pam_get_authtok.c. The problem is that even without a
> valid SSH login it's possible to know the server's hostname.
>
> az@az:/home/az % ssh 1.2.3.4
> Password for az@real.hostname.com:
>
> Changes made by "des": http://www.openpam.org/changeset/510/openpam/trunk/lib
>
> I really do not think that this behavior must be present! I ask the community to
> pay attention to it and remove these harmful changes.
>
> Kind regards,
> Andrei.
> _______________________________________________
> freebsd-security@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
>

I agree. That looks like an unnecessary privacy violation to me. What do you think des@?
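The disclosure Andrei describes is easy to miss in a routine review because the prompt only differs when the client reached the host by an address or alias other than the name OpenPAM puts in the prompt. The following Python is an added example, not code from the thread or from OpenPAM: it checks recorded pre-authentication password prompts (captured by whatever means the operator uses; the sample list is constructed here) against the address the client connected to, and reports any prompt that reveals a host name the client did not already know. The prompt shape it parses is the "Password for user@host:" form quoted above; the `bastion`/`internal-db01` pair is an invented example of the NAT or CNAME case.

```python
import re
from typing import Iterable, List, Optional, Tuple

# Matches the OpenPAM-style prompt quoted in the thread: "Password for az@real.hostname.com:".
PROMPT_RE = re.compile(
    r"^\s*Password\s+for\s+(?P<user>[^@\s]+)@(?P<host>[^:\s]+)\s*:\s*$",
    re.IGNORECASE,
)


def leaked_hostname(prompt: str, connected_to: str) -> Optional[str]:
    """Return the host name a pre-auth prompt discloses, or None.

    Nothing is counted as leaked when the prompt carries no host at all, or
    when the host equals the name the client connected to (the client already
    knew that). Comparison ignores case and a trailing dot on FQDNs.
    """
    m = PROMPT_RE.match(prompt)
    if not m:
        return None
    host = m.group("host")
    if host.lower().rstrip(".") == connected_to.lower().rstrip("."):
        return None
    return host


def audit_prompts(observations: Iterable[Tuple[str, str]]) -> List[Tuple[str, str]]:
    """Run leaked_hostname over (connected_to, prompt) pairs.

    Returns a list of (connected_to, disclosed_host) findings, in input order.
    """
    findings = []
    for target, prompt in observations:
        leaked = leaked_hostname(prompt, target)
        if leaked is not None:
            findings.append((target, leaked))
    return findings


# Constructed sample observations. The first line is the case from the thread;
# the last line is an invented bastion/CNAME scenario, not a real host.
SAMPLE_OBSERVATIONS = [
    ("1.2.3.4", "Password for az@real.hostname.com:"),              # reported case
    ("1.2.3.4", "Password:"),                                       # host-free prompt
    ("real.hostname.com", "Password for az@real.hostname.com:"),    # nothing new disclosed
    ("bastion.example.org", "Password for az@internal-db01.corp.example:"),  # constructed
]


if __name__ == "__main__":
    for target, host in audit_prompts(SAMPLE_OBSERVATIONS):
        print(f"{target}: password prompt discloses internal name {host}")
```

Feeding the audit the prompts seen from outside the network (connected by public IP or by a load-balancer name) is the useful run: a finding means the PAM prompt, not the SSH banner, is what exposes the box's real name, and the fix belongs in the PAM prompt configuration rather than in sshd.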