Full Disclosure mailing list archives
Re: FreeSSHD 1.2.4~1.2.6 Remote Buffer Overflow DoS
From: Aris <aris () 0xbadc0de be>
Date: Wed, 11 Aug 2010 14:16:57 +0200
Le 02/08/10 18:36, YGN Ethical Hacker Group a écrit :
This is to confirm FreeSSHD 1.2.6 , latest version, is still vulnerable to this: http://www.exploit-db.com/exploits/11842/ I request exploit researchers to find remote code execution capability in this flaw.
Your "request" was examined. This is nothing more than a null pointer deference, which cannot be easily exploited. However you should have a look at the code below, it compiles with libssh 0.4.5. You need to provide a valid login to the SSH server. This vulnerability says long about the seriousness of this application. I will probably find more in future if I find time to reverse it. Aris
Attachment:
freesshpwn.c
Description:
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- FreeSSHD 1.2.4~1.2.6 Remote Buffer Overflow DoS YGN Ethical Hacker Group (Aug 02)
- Re: FreeSSHD 1.2.4~1.2.6 Remote Buffer Overflow DoS Aris (Aug 11)