oss-sec mailing list archives
Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778
From: Qualys Security Advisory <qsa () qualys com>
Date: Thu, 14 Jan 2016 14:32:07 -0800
On Thu, Jan 14, 2016 at 01:11:29PM -0500, Jan Schaumann wrote:
Why is version 5.3 not affected?
The information leak is in resend_bytes() ["if (out_start < out_last)" should be "if (out_start <= out_last)"], but in OpenSSH 5.3, there is no call to resend_bytes(), at all (roaming_client.c does not even exist). With best regards, -- the Qualys Security Advisory team
Current thread:
- Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Qualys Security Advisory (Jan 14)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Jan Schaumann (Jan 14)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Qualys Security Advisory (Jan 14)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Florian Weimer (Jan 15)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Yann Droneaud (Jan 15)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Rich Felker (Jan 15)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Florian Weimer (Jan 18)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Yann Droneaud (Jan 20)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Yann Droneaud (Jan 15)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Jan Schaumann (Jan 14)
- Re: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 Yves-Alexis Perez (Jan 15)