Bugtraq mailing list archives
Re: More ssh fun (sshd this time)
From: hargrove () SCCM STANFORD EDU (Paul H. Hargrove)
Date: Wed, 27 Aug 1997 16:13:11 -0700
Thamer Al-Herbish writes: [snip]
This problem is that ssh/sshd uses an int instead of an unsigned short to do the comparison on. So wrapping doesnt occur till its placed in the struct sockaddr_in.
[snip] It looks like (from reading it, not from running it) the patch will consider negative port numbers to be "privileged" rather than "invalid", thus yielding the incorrect massage. This is, of course, a cosmetic problem rather than a functional one. -- Paul H. Hargrove All material not otherwise attributed hargrove () sccm stanford edu is the opinion of the author or a typo.
Current thread:
- More ssh fun (sshd this time) Ivo van der Wijk (Aug 19)
- Re: More ssh fun (sshd this time) Olaf Titz (Aug 23)
- Sun Security Bulletin #00152 Aleph One (Aug 25)
- Sun Security Bulletin #00153 Aleph One (Aug 25)
- Active X exploit. Peter Shipley (Aug 25)
- Re: More ssh fun (sshd this time) Wietse Venema (Aug 25)
- <Possible follow-ups>
- Re: More ssh fun (sshd this time) Thamer Al-Herbish (Aug 23)
- Re: More ssh fun (sshd this time) Solar Designer (Aug 27)
- Re: More ssh fun (sshd this time) Paul H. Hargrove (Aug 27)
- Re: More ssh fun (sshd this time) Christopher Craig (Aug 27)
- Integer Overflows Solar Designer (Aug 27)