Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Attacks against SSH?

From: Russell Fulton <r.fulton () auckland ac nz>
Date: Thu, 6 Dec 2001 09:22:35 +1300 (NZDT)

On Wed, 5 Dec 2001 07:11:57 +0100 Przemyslaw Frasunek 
<venglin () freebsd lublin pl> wrote:


On Wednesday 05 December 2001 03:51, Russell Fulton wrote:

package with SSH-1.5-OpenSSH-1.2.3 in not vulnerable:
bluebottle:~ >ssh -l`perl -e '{print "A"x90000}'` 130.216.yyy.xxx
Word too long.


No, it doesn't mean you're not vulnerable. Some shells (csh, tcsh) limits 
argument length and prints 'Word too long'.


Oops!  Thanks of pointing that out!

hmmm... how about:

bluebottle:~ >sh
$ ssh -l`perl -e '{print "A"x90000}'`130.216.1.228
Usage: ssh [options] host [command]
Options:
  -l user     Log in using this user name.
  -n          Redirect input from /dev/null.
  -A          Enable authentication agent forwarding.
  -a          Disable authentication agent forwarding.


Now we now get a usage error from the local ssh client.  Which ssh 
client were you using Michal?

Russell Fulton, Computer and Network Security Officer
The University of Auckland,  New Zealand




----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: