Bugtraq mailing list archives
Re: SSH 1.x and 2.x Daemon
From: tibor () BLACK-OPS UWINDSOR CA (Tibor Toronyi)
Date: Mon, 8 Feb 1999 12:08:28 -0500
----- KuRuPTioN wrote -----
I have been brainstorming with a few people and I have found a solution to the problem I was experiencing. This solution works in both SSH 1.2.26 (not 1.2.27, as I was delusional that day) and SSH 2.0.11. In SSH 1.2.26 adding the -DHAVE_STRUCT_SPWD_EXPIRE to the Makefile in the top of the SSH tree with fix the problem.
As a side note (after checking into this problem), I noticed that the server code ONLY checks for "*LK*" in the password field to see if the person is disabled. Not sure of other places but we've had to modify the code a bit so that instead of if ((strncmp(passwd,"*LK*", 4) == 0) I'd recommend if ((strchr (passwd, '*') != (char *) NULL) -------------------------------------------------------------------------- Tibor Toronyi voice: (519) 253-4232 ext. 2753 Information Technology Services fax: (519) 973-7083 University of Windsor email: tibor () uwindsor ca Windsor, Ontario, Canada /* Live long and prosper. */ N9B 3P4 /* Mr. Spock */ PGP Public Key: finger tibor () black-ops uwindsor ca http://black-ops.uwindsor.ca/pgp
Current thread:
- Re: SSH 1.x and 2.x Daemon Tibor Toronyi (Feb 08)
- Another Windows98 Bug... Scott (Feb 09)
- Re: Another Windows98 Bug... Jensen Allan AJE (Feb 12)
- mc & Segmentation fault shaman (Feb 12)
- Re: Another Windows98 Bug... Nick Lamb (Feb 12)
- Re: Another Windows98 Bug... Jensen Allan AJE (Feb 12)
- Re: SSH 1.x and 2.x Daemon Brandon S. Allbery (Feb 09)
- Re: SSH 1.x and 2.x Daemon Greg A. Woods (Feb 09)
- Re: SSH 1.x and 2.x Daemon Casper Dik (Feb 11)
- Re: SSH 1.x and 2.x Daemon Kevin Vajk (Feb 12)
- Rainbow Six Buffer Overflow..... Brian Gemberling (Feb 11)
- Re: SSH 1.x and 2.x Daemon Casper Dik (Feb 11)
- Access 97 Password Unmasker Nate Lawson (Feb 09)
(Thread continues...)
- Another Windows98 Bug... Scott (Feb 09)