This just came across the ssh list...I've deleted the patch for brevity (original length was some 2900 lines).

> From owner-sshat_private Tue Dec 29 23:13:34 EDT 1998
> From: Sami Lehtinen <sjlat_private>
> MIME-Version: 1.0
> Date: Tue, 29 Dec 1998 12:56:52 +0200 (EET)
> To: sshat_private
> Subject: ssh2 security problem (and patch)
> Message-ID: <13960.46005.391107.110139at_private>
>
>
> Description for the problem and the patch (and its signature) are
> attached to this message.
>
> --
> [sjlat_private -- Sami J. Lehtinen -- sjlat_private]
> [work:+358 9 43543214][gsm:+358 50 5170 258][http://www.iki.fi/~sjl]
> [SSH Communications Security Ltd. http://www.ssh.fi/]
> [...]
> sshd2 (version 2.0.11 and older) has a security bug, which allows any
> eligible user to request remote forwarding from privileged ports
> without being root. Thanks to Niko Tyni for pointing this one out.
>
> Included in this message is a patch that fixes this. It also makes the
> client print an error message, if remote port forwarding fails. Also,
> the configure script is a bit revised. It should at least compile at
> HP-UX 9.x now (the "/usr/bin/ld: Unsatisfied symbols: vsnprintf
> (code)" bug should be fixed).
>
> This patch works with ssh-2.0.11, at least.
>
> The patch can also be found in http://www.ssh.fi/sshprotocols2/ in a
> short while.
>
> Installing the patch is simple. Go to the sources directory
> (~/src/ssh-2.0.11/ , or whatever) and give this command
> % patch -p1 -l < ~/patches/patch-ssh-2.0.11
> (the filename depends on where you save it, and with what name)
> Then run configure, make and make install as usual. Restart any
> sshd2-daemons currently running.

[...patch deleted...]
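The class of check the advisory says was missing, as an added example (not the deleted patch and not SSH Communications Security's code): before listening for a remote forward, the server compares the requested port against the authenticated user's uid. The function name, the enum and the rejection of port 0 are choices made for this sketch; it assumes the process that binds the listener runs as root, so the kernel's own privileged-port restriction never triggers.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>

#define FIRST_UNPRIVILEGED_PORT 1024 /* conventional Unix boundary */

enum fwd_decision {
    FWD_ALLOW = 0,
    FWD_DENY_BAD_PORT,   /* not a plain decimal number in 1..65535 */
    FWD_DENY_PRIVILEGED  /* port below 1024 requested by a non-root user */
};

/* Hypothetical helper: decide whether the server may listen on port_str on
 * behalf of the user. user_uid must be the uid of the authenticated account,
 * not the daemon's effective uid (assumed root, for which bind() succeeds). */
enum fwd_decision check_remote_forward(uid_t user_uid, const char *port_str)
{
    char *end = NULL;
    long port;

    /* Require a leading digit so strtol cannot accept " 80", "+80" or "-1". */
    if (port_str == NULL || !isdigit((unsigned char)port_str[0]))
        return FWD_DENY_BAD_PORT;
    errno = 0;
    port = strtol(port_str, &end, 10);
    if (errno != 0 || *end != '\0' || port < 1 || port > 65535)
        return FWD_DENY_BAD_PORT;
    if (port < FIRST_UNPRIVILEGED_PORT && user_uid != 0)
        return FWD_DENY_PRIVILEGED;
    return FWD_ALLOW;
}

int main(void)
{
    /* Constructed requests: { authenticated uid, requested listen port }. */
    struct { uid_t uid; const char *port; } req[] = {
        { 1000, "80" }, { 0, "80" }, { 1000, "8080" }, { 1000, "80x" }
    };
    for (size_t i = 0; i < sizeof req / sizeof req[0]; i++)
        printf("uid=%ld port=%s decision=%d\n", (long)req[i].uid,
               req[i].port, (int)check_remote_forward(req[i].uid, req[i].port));
    return 0;
}
```

A denied request should also be reported back to the client, which matches the advisory's note that the patched client prints an error when remote forwarding fails.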
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:26:37 PDT