Subject: Re: ssh buffer overflow / package?
To: None <firstname.lastname@example.org>
From: Simon Burge <email@example.com>
Date: 11/03/1998 12:06:32
On Mon, 2 Nov 1998 13:44:03 -0500 Mason Loring Bliss wrote:
> Hi, all.
> I'm not familiar with the ssh 2.x copying restrictions, but there's a fix
> for the recent potential buffer overflow bugs in ssh 1.2.26 that involves
> using source from 2.x.
> I was wondering if someone who has the ability and inclination to make the
> changes to the ssh package could do so...? I'd happily test and submit the
> changes, but I expect my PR would gather lots of dust, which wouldn't be of
> much use to anyone.
> Thanks in advance!
> Here's an informative URL:
For more info, look at:
Here's the important bit:
Buffer overflow condition in "sshd" logging facility.
This advisory was CANCELLED on Nov. 1, 1998 without ever having
been issued. The potential buffer overflow condition described
in the advisory was determined to have been caused by outside
factors, and does not appear to be an exploitable condition in
Unfortunately, a draft copy of this advisory was included in
Rootshell Bulletin #25 on Nov. 1, 1998. The contents of this
advisory should be DISREGARDED.