Hi all. I've put up Dropbear 0.48, which has a few fixes.
It fixes the denial of service attack reported by Pablo Fernandez on bugtraq, which is actually a common problem with various network services (inetd and OpenSSH both seem "vulnerable"). Dropbear now has a per-IP pre-authentication connection limit, which make it harder for someone to use all the pre-auth connection slots. I've also updated scp to the latest OpenSSH version, fixing a security issue. http://matt.ucc.asn.au/dropbear/releases/dropbear-0.48.tar.gz Matt 0.48 - Thurs 9 March 2006 - Check that the circular buffer is properly empty before closing a channel, which could cause truncated transfers (thanks to Tomas Vanek for helping track it down) - Implement per-IP pre-authentication connection limits (after some poking from Pablo Fernandez) - Exit gracefully if trying to connect to as SSH v1 server (reported by Rushi Lala) - Only read /dev/random once at startup when in non-inetd mode - Allow ctrl-c to close a dbclient password prompt (may still have to press enter on some platforms) - Merged in uClinux patch for inetd mode - Updated to scp from OpenSSH 4.3p2 - fixes a security issue where use of system() could cause users to execute arbitrary code through malformed filenames, ref CVE-2006-0225
