Mailing-List:	contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm
List-Subscribe:	<mailto:cygwin-subscribe AT sourceware DOT cygnus DOT com>
List-Archive:	<http://sourceware.cygnus.com/ml/cygwin/>
List-Post:	<mailto:cygwin AT sourceware DOT cygnus DOT com>
List-Help:	<mailto:cygwin-help AT sourceware DOT cygnus DOT com>, <http://sourceware.cygnus.com/ml/#faqs>
Sender:	cygwin-owner AT sourceware DOT cygnus DOT com
Delivered-To:	mailing list cygwin AT sourceware DOT cygnus DOT com
From:	"Prentis Brooks" <prentis AT aol DOT net>
To:	"Cygwin" <cygwin AT sourceware DOT cygnus DOT com>
Subject:	FW: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has a nasty bite]
Date:	Tue, 30 May 2000 14:34:42 -0400
Message-ID:	<NEBBLEPLMLJEEFHAGMDMKECMCAAA.prentis@aol.net>
MIME-Version:	1.0
X-Priority:	3 (Normal)
X-MSMail-Priority:	Normal
X-Mailer:	Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0)
Importance:	Normal
X-MimeOLE:	Produced By Microsoft MimeOLE V5.00.2314.1300

-----Original Message-----
From: Prentis Brooks [mailto:prentis AT aol DOT net]
Sent: Tuesday, May 30, 2000 2:33 PM
To: Prentis Brooks
Subject: RE: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has
a nasty bite]


Ok, need to correct myself... it is not a patch that has the overflow, it is
RSAREF itself... do you know if this particular compilation has it
corrected, or was RSAREF compiled into OpenSSL?

-----Original Message-----
From: cygwin-owner AT sourceware DOT cygnus DOT com
[mailto:cygwin-owner AT sourceware DOT cygnus DOT com]On Behalf Of Prentis Brooks
Sent: Tuesday, May 30, 2000 2:19 PM
To: cygwin
Subject: RE: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has
a nasty bite]


Corinna,
	your patches work great, one last quick question, then I am done, I hope
:).  There is apparently an RSAREF patch out there with a buffer overflow
problem, I am still trying to track down the patch number.  If you happen to
know of it, did you apply that patch to the OpenSSL code?  If you don't know
of the one I am talking about, then I guess there is not much we can do
until I find that patch number ;)

Thanks

-----Original Message-----
From: cygwin-owner AT sourceware DOT cygnus DOT com
[mailto:cygwin-owner AT sourceware DOT cygnus DOT com]On Behalf Of Corinna Vinschen
Sent: Sunday, May 28, 2000 5:25 AM
To: Prentis Brooks
Cc: cygwin
Subject: Re: [ANNOUNCEMENT]: patched openSSH-1.2.2 [was Re: No this has
a nasty bite]


Prentis Brooks wrote:
> different from what I was looking to do.  Would you mind telling me how
you
> solved the problem of unauthorized access to a another account?
> (specifically, being able to login to RSA enabled SSHD eventhough your RSA
> key is not part of that SSHD's user's authorized_key file.)

Password authentication leads to a valid hToken, any
other authentication leads to hToken == INVALID_HANDLE_VALUE.
So after authentication I check for non-password authentication
and equality of getuid() to uid of authenticated user.

==== SNIP ====
@@ -1498,6 +1529,13 @@ do_authloop(struct passwd * pw)
                        break;
                }

+#ifdef __CYGWIN__
+                if (is_winnt && hToken == INVALID_HANDLE_VALUE &&
+                    authenticated && getuid() != pw->pw_uid) {
+                        packet_disconnect("Authentication rejected for
uid %d.", (int) pw->pw_uid);
+                        authenticated = 0;
+                }
+#endif
                /* Raise logging level */
                if (authenticated ||
                    attempt == AUTH_FAIL_LOG ||
==== SNAP ====

Corinna

--
Corinna Vinschen
Cygwin Developer
Cygnus Solutions, a Red Hat company

--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com


--
Want to unsubscribe from this list?
Send a message to cygwin-unsubscribe AT sourceware DOT cygnus DOT com

- Raw text -