Date: Tue, 16 Nov 1999 22:37:50 +0100 From: Udo Schweigert <ust@cert.siemens.de> To: spork <spork@super-g.com> Cc: Mike Tancsa <mike@sentex.net>, freebsd-security@FreeBSD.ORG Subject: Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable (VD#7) Message-ID: <19991116223750.A2271@alaska.cert.siemens.de> In-Reply-To: <Pine.BSF.4.00.9911161611450.13005-100000@super-g.com>; from spork@super-g.com on Tue, Nov 16, 1999 at 04:13:34PM -0500 References: <3.0.5.32.19991116152108.0170f850@staff.sentex.ca> <Pine.BSF.4.00.9911161611450.13005-100000@super-g.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Nov 16, 1999 at 04:13:34PM -0500, spork wrote: > On Tue, 16 Nov 1999, Mike Tancsa wrote: > > > I cant help you with OpenSSH, but the patches for sshd have been commited > > to fix the exploit in question. > > It seems www.ssh.fi has removed one of the patches necessary to compile > the port (fetch: patch-ssh-1.2.27-bsd.tty.chown: www.ssh.fi: HTTP server > returned error code 404). Anyone have a copy of this that could be put up > on ftp.freebsd.org under distfiles? > I have it here. Whom should I mail it? Regards. ------------------------------------------------------------------------------- Udo Schweigert || Voice : +49 89 636 42170 Siemens AG, Siemens CERT || Fax : +49 89 636 41166 ZT IK 3 || email : Udo.Schweigert@mchp.siemens.de D-81730 Muenchen / Germany || : ust@cert.siemens.de PGP fingerprint || 2A 53 F6 A6 30 59 64 02 6B C4 E0 73 B2 C9 6C E7 ------------------------------------------------------------------------------- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991116223750.A2271>