From owner-freebsd-security  Tue Nov 16 13:41:52 1999
Delivered-To: freebsd-security@freebsd.org
Received: from nethead.com (nethead.com [207.246.130.2])
	by hub.freebsd.org (Postfix) with ESMTP id BC36314CCB
	for <freebsd-security@FreeBSD.ORG>; Tue, 16 Nov 1999 13:41:38 -0800 (PST)
	(envelope-from myc@nethead.com)
Received: from localhost (myc@localhost) by nethead.com (8.8.5/8.8.3) with SMTP id NAA26079; Tue, 16 Nov 1999 13:40:18 -0800
Date: Tue, 16 Nov 1999 13:40:17 -0800 (PST)
From: Mychal McGrew <myc@nethead.com>
To: Udo Schweigert <ust@cert.siemens.de>
Cc: spork <spork@super-g.com>, Mike Tancsa <mike@sentex.net>,
	freebsd-security@FreeBSD.ORG
Subject: Re: Fwd: ssh-1.2.27 remote buffer overflow - exploitable  (VD#7)
In-Reply-To: <19991116223750.A2271@alaska.cert.siemens.de>
Message-ID: <Pine.LNX.3.95.991116134004.26000A-100000@nethead.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Udo,

You could send it to me.  Thanks. :-)


Mychal L. McGrew
UNIX Systems Administrator
Flying Crocodile, Inc.
myc@nethead.com

On Tue, 16 Nov 1999, Udo Schweigert wrote:

> On Tue, Nov 16, 1999 at 04:13:34PM -0500, spork wrote:
> > On Tue, 16 Nov 1999, Mike Tancsa wrote:
> > 
> > > I cant help you with OpenSSH, but the patches for sshd have been commited
> > > to fix the exploit in question.
> > 
> > It seems www.ssh.fi has removed one of the patches necessary to compile
> > the port (fetch: patch-ssh-1.2.27-bsd.tty.chown: www.ssh.fi: HTTP server
> > returned error code 404).  Anyone have a copy of this that could be put up
> > on ftp.freebsd.org under distfiles?
> > 
> 
> I have it here. Whom should I mail it?
> 
> Regards.
> -------------------------------------------------------------------------------
> Udo Schweigert              || Voice      : +49 89 636 42170
> Siemens AG, Siemens CERT    || Fax        : +49 89 636 41166
> ZT IK 3                     || email      : Udo.Schweigert@mchp.siemens.de
> D-81730 Muenchen / Germany  ||            : ust@cert.siemens.de
> PGP fingerprint             || 2A 53 F6 A6 30 59 64 02  6B C4 E0 73 B2 C9 6C E7
> -------------------------------------------------------------------------------
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message