[5217] in bugtraq
Re: More ssh fun (sshd this time)
daemon@ATHENA.MIT.EDU (Paul H. Hargrove)
Thu Aug 28 13:23:43 1997
Date: Wed, 27 Aug 1997 16:13:11 -0700
Reply-To: "Paul H. Hargrove" <hargrove@SCCM.STANFORD.EDU>
From: "Paul H. Hargrove" <hargrove@SCCM.STANFORD.EDU>
X-To: shadows@whitefang.com
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.BSF.3.95q.970823153041.10128R-100000@whatever.kuwait.net>
from "Thamer Al-Herbish" at Aug 23, 97 03:31:26 pm
Thamer Al-Herbish writes:
[snip]
> This problem is that ssh/sshd uses an int instead of an unsigned short to do
> the comparison on. So wrapping doesnt occur till its placed in the struct
> sockaddr_in.
[snip]
It looks like (from reading it, not from running it) the patch will
consider negative port numbers to be "privileged" rather than
"invalid", thus yielding the incorrect massage. This is, of course, a
cosmetic problem rather than a functional one.
--
Paul H. Hargrove All material not otherwise attributed
hargrove@sccm.stanford.edu is the opinion of the author or a typo.
