Date: Sat, 7 Oct 2006 12:12:16 -0700 From: Avleen Vig <lists-freebsd@silverwraith.com> To: Colin Percival <cperciva@freebsd.org> Cc: freebsd-security@freebsd.org, Theo de Raadt <deraadt@cvs.openbsd.org> Subject: Re: FreeBSD Security Advisory FreeBSD-SA-06:22.openssh Message-ID: <20061007191216.GX941@silverwraith.com> In-Reply-To: <452183B1.7000306@freebsd.org> References: <200610022000.k92K0B5P009759@cvs.openbsd.org> <452183B1.7000306@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 02, 2006 at 02:25:05PM -0700, Colin Percival wrote: > Theo de Raadt wrote: > >> The OpenSSH project believe that the race condition can lead to a Denial > >> of Service or potentially remote code execution > > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > > Bullshit. Where did anyone say this? > > The OpenSSH 4.4 release announcement says that, actually: > > * Fix an unsafe signal hander reported by Mark Dowd. The signal > handler was vulnerable to a race condition that could be exploited > to perform a pre-authentication denial of service. On portable > OpenSSH, this vulnerability could theoretically lead to > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > pre-authentication remote code execution if GSSAPI authentication > ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ > is enabled, but the likelihood of successful exploitation appears > remote. Theo: Maybe you should put people in charge who can read their own release announcements before flaming a mailing list.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061007191216.GX941>