SecureCRT (http://www.vandyke.com/products/securecrt/) seems to have a bug in a
seemlingly trivial portion of its SSH connection code. When an SSH Client
connects to a server, the server sends a version string containing minor and
major numbers for the protocol, as well as a server-specific ident
In-Reply-To: <[EMAIL PROTECTED]>
Hello Kyuzo,
This is the first VanDyke Software has heard of the problem you
reported. We take these issues seriously--making fixes available
to our customers as soon as possible. We have identified the area
of code where the problem exists and will be
memset(&(local.sin_zero), 0, 8);
if (bind(s, (struct sockaddr *)&local, sizeof(struct sockaddr)) == -1) {
perror("bind");
return 1;
}
if (listen(s, 2) == -1) {
perror("listen");
return 1;
}
printf("waiting for connection...\n");
if
In-Reply-To: <[EMAIL PROTECTED]>
> SecureCRT (http://www.vandyke.com/products/securecrt/) seems to have
> a bug in a seemlingly trivial portion of its SSH connection code.
> When an SSH Client connects to a server, the server sends a version
> string containing minor and major numbers for the
I wrote:
> One of the README files on their site (I read it earlier today and
> didn't note the URL) says that a patched 3.2.1 version will be made
> available shortly. They are not leaving you out in the cold. You just
> need to wait a couple of days before resuming your practice of ssh'ing
>
Russell Harding wrote:
> Of course it matters if the client has code-injection 'portholes' as you
> call them. Someone may be using nasty tricks through ARP, DNS, or even
> manipulating routing tables, such that you are not actually connecting to
> a host you trust. This is why ssh implements
On Fri, 26 Jul 2002, Bela Lubkin wrote:
> Burton M. Strauss III wrote:
>
> > You know, that's only partially a solution. For those of us who haven't
> > chosen to PAY for the upgrade to 3.4, we're left out in the cold. Quoting
> > from VanDyke's web page:
> >
> > "All users may evaluate Secur
In-Reply-To: <[EMAIL PROTECTED]>
We have released versions of SecureCRT that address this
vulnerability. This fix is available for ALL of our licensed
customers without charge. VanDyke Software recommends that all
users of SecureCRT upgrade immediately to the available versions.
Updated i
> Thanks (and to Jim Paris).
>
> I of course did not mean that it was OK for the client to have code
> injection "portholes". I just meant that the particular exploit path
> that was described wasn't very interesting since someone who maliciously
> controls the sshd to which you are speaking has
In-Reply-To: <[EMAIL PROTECTED]>
[Minor correction on upgrade eligibility dates]
We have released versions of SecureCRT that address this
vulnerability. This fix is available for ALL of our licensed
customers without charge. VanDyke Software recommends that all
users of SecureCRT upgrad
To: [EMAIL PROTECTED]
Subject: Re: Arbitrary Code Execution Vulnerability in VanDyke SecureCRT
3.4 & 4.0 beta
In-Reply-To: <[EMAIL PROTECTED]>
> SecureCRT (http://www.vandyke.com/products/securecrt/) seems to have
> a bug in a seemlingly trivial portion of its SSH connection code.
>
Burton M. Strauss III wrote:
> You know, that's only partially a solution. For those of us who haven't
> chosen to PAY for the upgrade to 3.4, we're left out in the cold. Quoting
> from VanDyke's web page:
>
> "All users may evaluate SecureCRT 3.4 for 30 days free of charge. Registered
> users
12 matches
Mail list logo
