On Wed, 31 Oct 2001, Ray Olszewski wrote:
> Sorry to be coming into this late. I find I cannot reproduce the problem
> using the version of gatping I have here (the prototype I wrote almost a
> year ago, which I believe is the same as the version Scott sort-of released).
I guess that would be as
Sorry to be coming into this late. I find I cannot reproduce the problem
using the version of gatping I have here (the prototype I wrote almost a
year ago, which I believe is the same as the version Scott sort-of released).
I ran gatping on an Oxygen system made using the image oxygen-090601.ima,
Actually, John, I beg to differ.
It appears that you are running version 1.2.26 of either SSH.com or
possibly OpenSSH. Either way, both are vulnerable to this particular
exploit.
See the following link (probably wrapped):
http://www.corest.com/pressroom/advisories_desplegado.php?idxsection=10
Jeff:
Akshally...no. :) Gatping wasn't released so much
as it was wrapped into the echowall distribution for the
purpose of brute-force updating the ARP cache. It doesn't
have much utility beyond that...which is NOT to say that
I wouldn't welcome any improvements that yield a version
comp
On Wed, 31 Oct 2001, David Douthitt wrote:
> What version of OpenSSH is being used in LEAF projects?
I run and older version of LRP that returns the following string:
SSH-1.5-1.2.26
If I interpret everything correctly this should be OK, but I should really
upgrade it anyway.
> It's a good thi
On Wed, 31 Oct 2001, David Douthitt wrote:
[...]
> Breakpoint 1, send_ping (s=5, h=0x804ac58) at gatping.c:161
> 161 buffer = ( char * ) malloc ( ( size_t ) ping_pkt_size )
> ;
> (gdb) n
> 162 memset ( buffer, 0, ping_pkt_size * sizeof ( char ) )
> ;
> (gdb) p buffer
>
Matt Schalit wrote:
> There's something wrong with elvis, when I open gatping.c
> At line 177 and 178, all hell breaks loose. It's the damned
> oddest thing I've ever seen.
>
> e3 can display gatping.c correctly
> vi on UnixWare 7 displays gatping.c correctly.
> gatping.c is 312 lines lon
I tried compiling an unchanged original version on my system - same
results, same location. I don't know what the trouble is, but it
appears to be tied to releasing the buffer using free(3).
Can anyone pin this down?
___
Leaf-devel mailing list
[EMAIL
Matt Schalit wrote:
>
> David Douthitt wrote:
> There's something wrong with elvis, when I open gatping.c
> At line 177 and 178, all hell breaks loose. It's the damned
> oddest thing I've ever seen.
>
> e3 can display gatping.c correctly
> vi on UnixWare 7 displays gatping.c correctly.
>
Matt:
Perhaps David's using the patched version he posted
to the list last week?
-Scott
> Ok. I don't think I can help much. I don't have the right
> gatping.c apparently. I just used the one Scott sent.
> Matt
___
Leaf-devel mailing lis
David Douthitt wrote:
>
> Matt Schalit wrote:
>
> > Ok. Now I'll run the program again, and
> > then step through the functions in send_ping()
> > with a while loop. The numbers are the line
> > numbers in gatping.c.
> >
> >
> >
David Douthitt wrote:
>
> Matt Schalit wrote:
>
> > (gdb) while 1
> > > step
> > > end
>
> Almost missed this - you can really DO this? Cute!
You gotta read, if'n you want to lern.
I'm not fooling around here.
> > 304 *(u_char *)(&odd_byte) = *(u_char *)p;
>
> This is intere
Matt Schalit wrote:
> Ok. Now I'll run the program again, and
> then step through the functions in send_ping()
> with a while loop. The numbers are the line
> numbers in gatping.c.
>
>
> (gdb) run
> Starting program: /tmp/gatping
Pedro Barreto wrote:
> just to be sure everyone knows.
Hi Pedro! Long time
> > Affected Versions:
> > OpenSSH versions prior to 2.3.0 (if SSH Version 1 fallback is enabled)
What version of OpenSSH is being used in LEAF projects?
> > Description:
> > The vulnerability exists in affected
Matt Schalit wrote:
> (gdb) while 1
> > step
> > end
Almost missed this - you can really DO this? Cute!
> 304 *(u_char *)(&odd_byte) = *(u_char *)p;
This is interesting - does this really work or does it clobber
something?
> 312
> send_ping (s=5, h=0x804a958) at gatping.c:179
>
just to be sure everyone knows.
pedro
> -Original Message-
> From: X-Force [mailto:[EMAIL PROTECTED]]
> Sent: terça-feira, 30 de Outubro de 2001 19:58
> To: [EMAIL PROTECTED]
> Subject: ISSalert: ISS Security Advisory: Widespread
> Exploitation of SSH
> CRC32 Compensation Attack
>
>
>
David Douthitt wrote:
>
> Here it is, compiled against 2.1.3
>
Thanks. Here we go.
-
(gdb) file /tmp/gatping
Reading symbols from /tmp/gatping...done.
(gdb) run
Starting program: /tmp/gatping
warning: Unable to find dynam
17 matches
Mail list logo
