Bug 104573 - Buffer managment errors in OpenSSH < 3.7.1
Summary: Buffer managment errors in OpenSSH < 3.7.1
Status: CLOSED DUPLICATE of bug 104551
Alias: None
Product: Red Hat Raw Hide
Classification: Retired
Component: openssh
Version: 1.0
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact: Brian Brock
URL: http://marc.theaimsgroup.com/?l=openb...
Keywords: Security
Depends On:
TreeView+ depends on / blocked
Reported: 2003-09-17 13:34 UTC by Alan Sanderson
Modified: 2007-03-27 04:09 UTC (History)
1 user (show)

Clone Of:
Last Closed: 2006-02-21 18:58:36 UTC

Attachments (Terms of Use)

Description Alan Sanderson 2003-09-17 13:34:26 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-AU; rv:1.5a) Gecko/20030801
Mozilla Firebird/0.6.1

Description of problem:
Buffer managment errors have been discorever in OpenSSH 3.7.0 and below, this
has been said to be remotely exploitable.
OpenSSH should therefore be upgraded to 3.7.1 in rawhide and no doubt in RedHat
Linux 9.0, 8.0, 7.3, 7.2, 7.1.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1.See description

Actual Results:  See description

Expected Results:  See description

Additional info:


Comment 1 Hrunting Johnson 2003-09-17 14:37:16 UTC

These are the changes that need to be made.  This is a very similar fix to
yesterday's buffer.c patch which does need to be applied to yesterday's errata.

Comment 2 Mark J. Cox 2003-09-17 15:45:56 UTC

*** This bug has been marked as a duplicate of 104551 ***

Comment 3 Red Hat Bugzilla 2006-02-21 18:58:36 UTC
Changed to 'CLOSED' state since 'RESOLVED' has been deprecated.

Note You need to log in before you can comment on or make changes to this bug.