Security Incidents mailing list archives
Bug#137492: PAM pam_set_item: NULL pam handle passed
From: Matt Zimmerman <mdz () debian org>
Date: Sat, 9 Mar 2002 12:21:24 -0500
Package: ssh Version: 1:3.0.2p1-8 Severity: normal On Sat, Mar 09, 2002 at 12:06:46PM -0500, Matt Zimmerman wrote:
Yes, this is pretty much what I assumed...I would like to track down why this is happening, and send a good bug report to the OpenSSH folks, but I can't reproduce the problem, and probably won't have the time to fiddle with it too much. It may only happen when the client does something specific, that the client from my version of OpenSSH will not do, even under the same circumstances.
Well, scratch that, it turns out that it's actually quite easy to reproduce. The key bits are: - v1 protocol - public key authentication - illegal user The bug only surfaces when all of these are active. For example: ssh -1 -i some-v1-key nonexistentuser@localhost will do it every time. -- Versions of packages ssh depends on: ii debconf 1.0.31 Debian configuration management sy ii libc6 2.2.5-3 GNU C Library: Shared libraries an ii libpam-modules 0.72-35 Pluggable Authentication Modules f ii libpam0g 0.72-35 Pluggable Authentication Modules l ii libssl0.9.6 0.9.6c-1 SSL shared libraries ii libwrap0 7.6-9 Wietse Venema's TCP wrappers libra ii zlib1g 1:1.1.3-19 compression library - runtime -- - mdz ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
Current thread:
- sshd: PAM pam_set_item: NULL pam handle passed Matt Zimmerman (Mar 08)
- Re: sshd: PAM pam_set_item: NULL pam handle passed Tina Bird (Mar 10)
- Re: sshd: PAM pam_set_item: NULL pam handle passed Matt Zimmerman (Mar 10)
- Bug#137492: PAM pam_set_item: NULL pam handle passed Matt Zimmerman (Mar 10)
- Re: sshd: PAM pam_set_item: NULL pam handle passed Matt Zimmerman (Mar 10)
- Re: sshd: PAM pam_set_item: NULL pam handle passed Chris Faulhaber (Mar 10)
- Re: sshd: PAM pam_set_item: NULL pam handle passed Matt Zimmerman (Mar 10)
- Re: sshd: PAM pam_set_item: NULL pam handle passed Tina Bird (Mar 10)