[21783] in bugtraq
Re: URGENT SECURITY ADVISORY FOR SSH SECURE SHELL 3.0.0
daemon@ATHENA.MIT.EDU (Nate Eldredge)
Mon Jul 23 13:10:48 2001
Date: Sun, 22 Jul 2001 06:14:25 -0700 (PDT)
From: Nate Eldredge <neldredge@hmc.edu>
To: Dale Southard <southard1@llnl.gov>
Cc: Dan Kaminsky <dankamin@cisco.com>,
Stephanie Thomas <customer.service@ssh.com>, bugtraq@securityfocus.com
In-Reply-To: <n15y80rn.fsf@riptide.llnl.gov>
Message-ID: <Pine.LNX.4.21.0107220554010.24934-100000@odin.ac.hmc.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On 21 Jul 2001, Dale Southard wrote:
> Sshd should probably be constraining its match to the length of the
> crypt() output rather than the length of the password file entry. [I
> say ``probably'' here because some systems (AIX) seem to produce null
> password file hashes when `passwd` is given a null password. If that
> behavior is due to the underlying crypt() function, then the
> ``probably'' suggestion I just made yields remote root on those
> systems.]
What's wrong with just using `strcmp' (i.e. no constraint at all)? After
all, what you want to know is just whether the two strings are identical,
period. And unless crypt() and /etc/shadow are both broken, it will stop
at the right place. I realize it goes against the reflexive "only strn*
functions are safe" idea, but that shouldn't substitute for thinking...
--
Nate Eldredge
neldredge@hmc.edu
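The three comparison policies the thread argues about (bounding the match by the length of the password-file entry, bounding it by the length of the crypt() output, or a plain full-string compare) can be put side by side in a few lines of C. The code below is an added example, not from Nate's or Dale's messages and not sshd's code; the function names, the MIN_HASH_LEN constant and the sample strings are assumptions made for illustration, and the "computed" argument stands in for the crypt() result so that no libcrypt call is needed to run it. The one fact it relies on is that traditional crypt() output begins with the two-character salt taken from the stored entry.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Policy 1 (what the quoted text says sshd was doing): compare only as many
 * bytes as the stored password-file entry has. Because crypt() echoes the
 * two-character salt as the first two bytes of its output, a two-character
 * entry such as a locked-account marker always "matches". */
bool match_bounded_by_entry(const char *computed, const char *stored)
{
    return strncmp(computed, stored, strlen(stored)) == 0;
}

/* Policy 2 (Dale's suggestion): compare only as many bytes as the computed
 * hash has. Correct for a normal entry, but if the stored entry and the
 * computed hash are both empty, strncmp with n == 0 returns 0: the AIX
 * null-hash caveat he raises. */
bool match_bounded_by_hash(const char *computed, const char *stored)
{
    return strncmp(computed, stored, strlen(computed)) == 0;
}

/* Policy 3 (Nate's suggestion, with a sanity check added here): a plain
 * strcmp, preceded by a refusal to accept anything too short to be a hash.
 * MIN_HASH_LEN is an assumed bound; 13 is the length of traditional DES
 * crypt() output. The check closes the empty-vs-empty case that a bare
 * strcmp would accept. */
#define MIN_HASH_LEN 13

bool match_full(const char *computed, const char *stored)
{
    if (strlen(stored) < MIN_HASH_LEN || strlen(computed) < MIN_HASH_LEN)
        return false;
    return strcmp(computed, stored) == 0;
}

/* Constructed sample values, not taken from any real password file. */
static const char *GOOD_HASH   = "NPabcdefghijk";  /* 13 chars, salt "NP" */
static const char *WRONG_HASH  = "NPzzzzzzzzzzz";  /* same salt, different hash */
static const char *LOCKED_ENTRY = "NP";            /* 2-char locked marker */
static const char *EMPTY_ENTRY  = "";              /* AIX-style null hash */

int main(void)
{
    struct { const char *label, *computed, *stored; } cases[] = {
        { "correct password ", GOOD_HASH,  GOOD_HASH    },
        { "wrong password   ", WRONG_HASH, GOOD_HASH    },
        { "locked 2-char    ", GOOD_HASH,  LOCKED_ENTRY },
        { "empty vs empty   ", "",         EMPTY_ENTRY  },
    };
    printf("%-18s %-8s %-8s %-8s\n", "case", "entry", "hash", "full");
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++) {
        printf("%-18s %-8s %-8s %-8s\n", cases[i].label,
               match_bounded_by_entry(cases[i].computed, cases[i].stored) ? "accept" : "reject",
               match_bounded_by_hash(cases[i].computed, cases[i].stored)  ? "accept" : "reject",
               match_full(cases[i].computed, cases[i].stored)             ? "accept" : "reject");
    }
    return 0;
}
```

Only the full comparison with the length check rejects both the two-character locked entry and the empty-versus-empty case while still accepting the correct hash; the entry-bounded compare accepts the locked entry, and the hash-bounded compare accepts the empty pair.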