• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Focus On: Vista
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns

• info
• discussion
• exploit
• solution
• references

OpenSSH Buffer Mismanagement Vulnerabilities

A buffer mismanagement vulnerability has been reported in OpenSSH. This issue exists in the 'buffer.c' source file and may potentially be exploited to execute arbitrary code with the privileges of OpenSSH. Exploitation of this bug to execute arbitrary code has not been confirmed, though it may potentially be used to cause a denial of service. This condition can reportedly be triggered by an overly large packet.

There are also unconfirmed rumors of an exploit for this vulnerability circulating in the wild.

OpenSSH has revised their advisory, pointing out a similar issue in the channels.c source file and another additional issue in buffer.c. Solar Designer has also reportedly pointed out additional instances of the problem that may also present vulnerabilities.