[lug] SSH Vulnerability
Scott A. Herod
herod at interact-tv.com
Fri Feb 9 12:05:39 MST 2001
Hi Nate,
Just saw that. How does one interpret the patch by hand?
--- deattack.c.orig Wed Feb 7 13:53:47 2001
+++ deattack.c Wed Feb 7 13:54:24 2001
@@ -79,7 +79,7 @@
detect_attack(unsigned char *buf, word32 len, unsigned char *IV)
{
static word16 *h = (word16 *) NULL;
- static word16 n = HASH_MINSIZE / HASH_ENTRYSIZE;
+ static word32 n = HASH_MINSIZE / HASH_ENTRYSIZE;
register word32 i, j;
word32 l;
register unsigned char *c;
This means replace the "static word16" with "static word32", correct?
Do you trust the razor.bindview.com website? There's nothing so
far on www.cert.org or www.nipc.gov.
Scott
Nate Duehr wrote:
>
> Slashdot and other sources are reporting that there is a new published
> exploit for pretty much all versions of SSH, not including OpenSSH
> 2.4.0.
>
> The page below also details various vendor responses with F-Secure being
> the worst. (No response at all so far back to the reporting party.)
>
> Here's the people reporting it:
>
> http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
>
> --
> Nate Duehr <nate at natetech.com>
More information about the LUG
mailing list