The backtrace shows that this is from the pgsql PAM module. A quick
check of the code shows that it is assuming that h_addr is always an
IPv4 when it may not be, resulting in a potential overflow of the buffer
it creates to hold an IP address.
** Package changed: openssh (Ubuntu) => pam-pgsql (Ubuntu)
** Changed in: pam-pgsql (Ubuntu)
Importance: Undecided => Medium
** Changed in: pam-pgsql (Ubuntu)
Status: New => Confirmed
** Summary changed:
- sshd buffer overflow detected crash from certain ip addresses
+ PAM pgsql buffer overflow when dealing with IPv6 addresses
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openssh in ubuntu.
https://bugs.launchpad.net/bugs/722386
Title:
PAM pgsql buffer overflow when dealing with long addresses
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
