Vulnerability Development mailing list archives
SSH 3.1.0 Potential Exploit + FIX
From: SoulBlazer <soul () lamp-post net>
Date: Fri, 15 Mar 2002 12:36:37 -0500
Greetings, With all the hype about openssh being hackable, and zlib-1.1.3 being a potential hole, I believe that perhaps the following has been overlooked. (/usr/src/build/ssh-3.1.0/lib/zlib)# : more ChangeLog ChangeLog file for zlib Changes in 1.1.3 (9 July 1998) - fix "an inflate input buffer bu Heh anyhow I patched ssh 3.1.0 against the newer zlib (1.1.4) and made the appropriate adjustments, patch attached. Cheers, Shoutouts to galt, FEENiX, wirepair, cylons, lpn, aeonflux, terrorbyt, index1, korolev, killahack,cowofdoom,oatmeal.. and any who I missed here.. you know who you are. =) -- Tread lightly, for you address not the storm.. but the force that binds it..
Attachment:
zlib-1.1.4-ssh-3.1.0.diff.bz2
Description:
Current thread:
- SSH 3.1.0 Potential Exploit + FIX SoulBlazer (Mar 15)
- Re: SSH 3.1.0 Potential Exploit + FIX sekure (Mar 15)