Re: Sun libnsl lameness

From: nicholas harteau (nrhat_private)
Date: Wed Jul 01 1998 - 22:44:20 PDT

Next message: Aleph One: "Alert: ASP vulnerability with Alternate Data Streams"

Previous message: Herbert Rosmanith: "pop_msg in debian/qpopper: core, but no exploit"
Maybe in reply to: George Clooney: "Sun libnsl lameness"
Next in thread: Andy Polyakov: "Re: Sun libnsl lameness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

it should be noted that ssh and sshd make use of insecure functions as
mentioned below.

[root@squig ~/work/ssh/ssh-1.2.25] nm sshd | egrep 'getnetname|getsecretkey'
[428]   |    372268|       0|FUNC |GLOB |0    |UNDEF  |getnetname
[527]   |    372280|       0|FUNC |GLOB |0    |UNDEF  |getsecretkey
[root@squig ~/work/ssh/ssh-1.2.25] nm ssh | grep getnetname
[416]   |    356736|       0|FUNC |GLOB |0    |UNDEF  |getnetname


George Clooney wrote:
>                Functions we have found vulnerable:
>
>                Vulnerable key functions
>                ---------------------------------------------------
>                getsecretkey ()         : Calls getkeys_nis ()
>
>
>                Vulnerable RPC functions
>                ----------------------------------------------------
>                getnetname ()           : Calls host2netname ()

--
nicholas harteau
nrhat_private

Next message: Aleph One: "Alert: ASP vulnerability with Alternate Data Streams"
Previous message: Herbert Rosmanith: "pop_msg in debian/qpopper: core, but no exploit"
Maybe in reply to: George Clooney: "Sun libnsl lameness"
Next in thread: Andy Polyakov: "Re: Sun libnsl lameness"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:01:41 PDT