Bugtraq mailing list archives
Re: SSH 1.x and 2.x Daemon
From: allbery () ECE CMU EDU (Brandon S. Allbery)
Date: Tue, 9 Feb 1999 13:32:39 -0500
In message <199902081708.MAA09126 () black-ops uwindsor ca>, Tibor Toronyi writes:
+-----
| As a side note (after checking into this problem), I noticed that the
| server code ONLY checks for "*LK*" in the password field to see if the
| person is disabled. Not sure of other places but we've had to modify the
| code a bit so that instead of
|
| if ((strncmp(passwd,"*LK*", 4) == 0)
|
| I'd recommend
|
| if ((strchr (passwd, '*') != (char *) NULL)
+--->8

I would suggest that a better check would be:

        if (strlen(passwd) < 11)

since various systems I've seen use "*", "x", "!", "!!", "*LK*", "afs" (with
the normal password lookup preempted by AFS or Kerberos routines in system
programs), etc. (This assumes you don't want to permit null passwords. The
necessary change should be reasonably obvious.)

!= 13 would be even safer, but this would fail on BSD with MD5 passwords or
sites using various extended-length password schemes.

--
brandon s. allbery	[os/2][linux][solaris][japh]	allbery () kf8nh apk net
system administrator	[WAY too many hats]	allbery () ece cmu edu
electrical and computer engineering	KF8NH
carnegie mellon university	["God, root, what is difference?" -Pitr]
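The four checks discussed in this message, run side by side over the password-field values it lists. This is an added example, not part of the original post or of the SSH source; the function names and the two hash-shaped strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Check quoted from the server code: only the "*LK*" marker counts as locked. */
static int locked_lk_prefix(const char *pw) { return strncmp(pw, "*LK*", 4) == 0; }
/* Toronyi's suggestion: any '*' in the field. */
static int locked_has_star(const char *pw) { return strchr(pw, '*') != NULL; }
/* Allbery's suggestion: too short to be a hash (also rejects null passwords). */
static int locked_short(const char *pw) { return strlen(pw) < 11; }
/* Stricter variant: anything that is not a 13-character crypt() string. */
static int locked_not_13(const char *pw) { return strlen(pw) != 13; }

typedef int (*check_fn)(const char *);

/* Constructed sample fields; the two hash-shaped strings are not real hashes. */
static const char *const samples[] = {
    "*LK*", "*", "x", "!", "!!", "afs", "",
    "ab0123456789A",                       /* 13 chars, DES crypt() shape */
    "$1$abcdefgh$ABCDEFGHIJKLMNOPQRSTUV",  /* BSD MD5 shape */
};
#define NSAMPLES (sizeof samples / sizeof samples[0])

/* Number of sample fields a given check treats as a disabled account. */
static int count_locked(check_fn check)
{
    int n = 0;
    for (size_t i = 0; i < NSAMPLES; i++)
        n += check(samples[i]) ? 1 : 0;
    return n;
}

int main(void)
{
    printf("%-36s %5s %5s %5s %5s\n", "field", "*LK*", "'*'", "<11", "!=13");
    for (size_t i = 0; i < NSAMPLES; i++)
        printf("%-36s %5d %5d %5d %5d\n",
               samples[i][0] ? samples[i] : "(empty)",
               locked_lk_prefix(samples[i]), locked_has_star(samples[i]),
               locked_short(samples[i]), locked_not_13(samples[i]));
    printf("%-36s %5d %5d %5d %5d\n", "flagged as disabled",
           count_locked(locked_lk_prefix), count_locked(locked_has_star),
           count_locked(locked_short), count_locked(locked_not_13));
    return 0;
}
```

The table shows "x", "!", "!!", "afs" and the empty field passing both the "*LK*" and the '*' checks, while the != 13 check also rejects the MD5-shaped string.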