[Full-disclosure] FreeSSHD 1.2.4~1.2.6 Remote Buffer Overflow DoS
Aris
aris at 0xbadc0de.be
Wed Aug 11 13:16:57 BST 2010
Le 02/08/10 18:36, YGN Ethical Hacker Group a écrit :
> This is to confirm FreeSSHD 1.2.6 , latest version, is still vulnerable to this:
> http://www.exploit-db.com/exploits/11842/
>
> I request exploit researchers to find remote code execution capability
> in this flaw.
>
Your "request" was examined. This is nothing more than a null pointer
deference, which cannot be easily exploited. However you should have a
look at the code below, it compiles with libssh 0.4.5. You need to
provide a valid login to the SSH server.
This vulnerability says long about the seriousness of this application.
I will probably find more in future if I find time to reverse it.
Aris
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freesshpwn.c
Type: text/x-csrc
Size: 6032 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20100811/1f7c108a/attachment.bin
Full-Disclosure is hosted and sponsored by Secunia.