OpenSSH Security Advisory: buffer.adv

Dries Schellekens gwyllion at
Thu Sep 18 09:41:06 EST 2003

On Wed, 17 Sep 2003, Dries Schellekens wrote:

> Will the 4 extra fixes by Solar Designer be included as well?
> >From the Owl Changelog
> 2003/09/17	Package: openssh
> SECURITY FIX	Severity: medium, remote, active
> Multiple memory management errors have been discovered in OpenSSH, and
> this update corrects 6 such real or potential errors based on an
> exhaustive review of the OpenSSH source code for uses of *realloc()
> functions. At this time, it is uncertain whether and which of these bugs
> are exploitable. If exploits are possible, due to privilege separation,
> the worst direct impact should be limited to arbitrary code execution
> under the sshd pseudo-user account restricted within the chroot jail
> /var/empty, or under the logged in user account. Reference:

So is there no urgent need to include these fixes?


Dries Schellekens
email: gwyllion at

More information about the openssh-unix-dev mailing list