[12628] in bugtraq
Re: ssh-1.2.27 remote buffer overflow - exploitable (VD#7)
daemon@ATHENA.MIT.EDU (Daniel Jacobowitz)
Wed Nov 17 15:39:42 1999
Mail-Followup-To: Oystein Viggen <oysteivi@TIHLDE.ORG>,
BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19991116135424.A14803@drow.res.cmu.edu>
Date: Tue, 16 Nov 1999 13:54:24 -0500
Reply-To: Daniel Jacobowitz <drow@FALSE.ORG>
From: Daniel Jacobowitz <drow@FALSE.ORG>
X-To: Oystein Viggen <oysteivi@TIHLDE.ORG>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <03so26g24n.fsf@colargol.tihlde.hist.no>; from
oysteivi@TIHLDE.ORG on Tue, Nov 16, 1999 at 11:30:16AM +0100
On Tue, Nov 16, 1999 at 11:30:16AM +0100, Oystein Viggen wrote:
> Blue Boar wrote:
>
> > <SNIP>
> > Debian is immune for the (somewhat messy) reasons that they do not link
> > ssh to rsaref, last time that I checked.
> > <SNIP>
>
> Does the fact that the international version of ssh from replay.com uses
> "internal rsaref" instead of the "external rsaref" in the US version make
> it immune to this attack too?
>
> The version is at least not as far as I can see externally linked to any
> rsaref library:
As far as I can tell from the spec file, the -5i version is never
configured with --with-rsaref, and the guilty code in rsaglue.c is
never reached.
Dan
/--------------------------------\ /--------------------------------\
| Daniel Jacobowitz |__| SCS Class of 2002 |
| Debian GNU/Linux Developer __ Carnegie Mellon University |
| dan@debian.org | | dmj+@andrew.cmu.edu |
\--------------------------------/ \--------------------------------/
