[7926] in bugtraq
Re: SSH 1.2.25/HP-UX 10.20 Vulnerability
daemon@ATHENA.MIT.EDU (Joao Miguel Neves)
Thu Sep 10 13:55:26 1998
Date: Thu, 10 Sep 1998 10:50:30 +0100
Reply-To: Joao Miguel Neves <jneves@RNL.IST.UTL.PT>
From: Joao Miguel Neves <jneves@RNL.IST.UTL.PT>
X-To: Security Research Team <security@SIAMRELAY.COM>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <3.0.5.32.19980910131857.00967100@siamrelay.com>
> However, if user connects via SSH using newly created username, no password
> authentication is performed and user automatically drops into shell.
>
> This can be especially dangerous on systems where users are added on a
> daily basis (universities for example) and other users aware of this bug
> could gain access to newly created accounts (remote users could gain
> information about new users using finger command, for example).
>
> FIXES:
>
> SSH 1.2.26 is available for over a month now (this problem has been fixed).
> Also, version 2.0 of SSH is released (completely rewritten).
>
Is this fixed for all situations? For instance the Digital Unix C2 patch
only worked when the authentication was with the password if you used any
of the other authentication methods (RSA key, for instance) the limits
aren't implemented. The person who did the patch already corrected it, but
last week he had not sent this to be put on the major release.
Joao Miguel Neves
