Metasploit mailing list archives
OpenSSH Remote Overflow 0day
From: jerome.athias at free.fr (Jerome Athias)
Date: Fri, 31 Mar 2006 23:55:47 +0200
OpenSSH Remote Overflow 0day Released date: 1st april (00H00 GMT+1) There is a remote overflow in the ssh-HDM utility provided with OpenSSH. The bug occurs in the DrinkBeer() function when sending a specially-crafted overly long Beer Packet. Sending 1025 beers to the target will result in the target to puke and stop responding. PoC: sc=" .msfmsfmsf. .msfmsfmsfmsfmsfmsfs msfmsfmsfmsfmsfmsfmsfmsfs msfmsfmsfmsfmsfmsfmsfmsfmsfs @@msfmsfmsfmsfmsfmsfmsfss at ss |s@@@@msfmsfmsfmsfmsf@@@@s|s _______|msfss@@@@@msfss@@@@@msfss|s / msfmsfmsf at msfss@msfmsfmsf|s / .------+.msfmsfss at msfss@msfmsfss.| / / |...msfmsfs at msf@msfmsfs...| | | |.......msf at msf@msfs......| | | |..........s at ss@msf.......| | | |........... at ss@..........| \ \ |............ss at ..........| \ '------+...........ss at ...........| \________ .........................| |.........................| /...........................\ |.............................| |.......................| |...............| '===================================================================' || ___ || || .' '. || || / \ oOoOo || || | | ,==||||| || || \ / _|| ||||| || || '.___.' _.-'^|| ||||| || || __/_______.-' '==HDMHH || || _.-'` / """"" || || .-' / oOoOo || || `-._ / ,==||||| || || '-/._|| ||||| || || / ^|| ||||| || || / '==HDMHH || || /________""""" || || `\ `\ || || \ `\ / || || \ `\/ || || / || || / || || /_____ || || || '===================================================================' "; Solution: The OpenHeineken vendor was contacted but was not able to produce a patch. Try the unofficial Coca-Cola fix. /Sorry guys, no more inspiration for the 1st april :p
Current thread:
- OpenSSH Remote Overflow 0day Jerome Athias (Mar 31)