Bugtraq mailing list archives

Re: SSH 1.x and 2.x Daemon


From: tibor () BLACK-OPS UWINDSOR CA (Tibor Toronyi)
Date: Mon, 8 Feb 1999 12:08:28 -0500


----- KuRuPTioN wrote -----
I have been brainstorming with a few people and I have found a solution to
the problem I was experiencing.  This solution works in both SSH 1.2.26 (not
1.2.27, as I was delusional that day) and SSH 2.0.11.

In SSH 1.2.26, adding -DHAVE_STRUCT_SPWD_EXPIRE to the Makefile in the
top of the SSH tree will fix the problem.

As a side note (after checking into this problem), I noticed that the
server code ONLY checks for "*LK*" in the password field to see if the
person is disabled.  Not sure of other places but we've had to modify the
code a bit so that instead of

    if ((strncmp(passwd,"*LK*", 4) == 0)

I'd recommend

    if ((strchr (passwd, '*') != (char *) NULL)

--------------------------------------------------------------------------
Tibor Toronyi                              voice: (519) 253-4232 ext. 2753
Information Technology Services            fax:   (519) 973-7083
University of Windsor                      email: tibor () uwindsor ca
Windsor, Ontario, Canada                   /* Live long and prosper.    */
N9B 3P4                                    /*                 Mr. Spock */

PGP Public Key: finger tibor () black-ops uwindsor ca
                http://black-ops.uwindsor.ca/pgp
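
The difference between the two checks discussed in the message above, as an added example (not code from the post or from the SSH source). The helper names and the sample password-field strings are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Check quoted in the message: only a leading "*LK*" counts as disabled. */
int locked_prefix_only(const char *pw)
{
    return pw != NULL && strncmp(pw, "*LK*", 4) == 0;
}

/* Check recommended in the message: any '*' in the field counts as disabled.
 * Traditional crypt(3) output uses only [a-zA-Z0-9./], so a field that
 * contains '*' cannot equal the hash of any password. */
int locked_any_star(const char *pw)
{
    return pw != NULL && strchr(pw, '*') != NULL;
}

/* Constructed sample password fields, not taken from a real system. */
static const char *samples[] = {
    "*LK*",           /* explicit lock marker */
    "*",              /* bare star */
    "*disabled*",     /* site-specific marker (hypothetical) */
    "abJnggxhB/yWI",  /* shaped like a 13-character crypt(3) hash */
    "",               /* empty field */
};

/* Count how many samples a given check treats as disabled. */
int count_flagged(int (*check)(const char *))
{
    int n = 0;
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        n += check(samples[i]) ? 1 : 0;
    return n;
}

int main(void)
{
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-16s prefix-only=%d any-star=%d\n", samples[i],
               locked_prefix_only(samples[i]), locked_any_star(samples[i]));
    return 0;
}
```

Neither check flags the empty field, so accounts with no password at all need a separate test.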


