Bug 14749

Summary: /usr/ports/security/ssh/ has remote buffer-overflow
Product: Ports & Packages
Reporter: GNATS administrator <gnats-admin>
Component: Individual Port(s)
Assignee: freebsd-ports (Nobody) <ports>
Status: Closed FIXED
Severity: Affects Only Me
Priority: Normal
Version: Latest
Hardware: Any
OS: Any

Description GNATS administrator freebsd_committer freebsd_triage 1999-11-06 19:40:00 UTC
There appears to be an exploitable buffer-overrun in the SSH 1.2.27 version in ports, with the RSAREF implementation.  SSH 1.2.27 is seemingly no longer supported. 

It goes like this...
  sshd.c, do_connection at line 1513 gets a long number from the
remote side.  It proceeds to pass it into rsa_private_decrypt. 
rsa_private_decrypt (in rsaglue.c) has a ~200 byte buffer which can 
be overflowed, giving a SIGBUS or SIG 11.  It might take some talent
to overflow this because of the conversions.

Fix: 

Don't use static buffers here, or do a simple bounds check.
How-To-Repeat: 
In ssh-1.2.27, modify your sshconnect.c, do_login, change every instance of SSH_SESSION_KEY_LENGTH to SSH_SESSION_KEY_LENGTH+500, and
comment out the call to a_public_encrypt (otherwise, you'd crash yourself). 
A true exploit would probably only encrypt some of the buffer, leaving
the rest to cause problems.
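The shape of the bug the report describes, as an added example that is not code from the ssh port, from rsaglue.c, or from the reporter: a decrypt routine copies a remote-supplied multiple-precision integer into a fixed-size buffer, trusting the length field on the wire. The wire form assumed here is the SSH-1 mp_int encoding (a 16-bit big-endian bit count followed by ceil(bits/8) bytes). The buffer size MAX_RSA_BYTES (256), the 8-byte "canary" standing in for whatever sits above the buffer on the stack, and all function names (decrypt_unchecked, decrypt_checked, probe, and so on) are constructed for this example. The frame is one flat array sized to hold the largest packet the demo builds, so the overrun stays inside defined memory and can be observed rather than crashing the process.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Assumed size of the fixed decrypt buffer (the report says "~200 bytes"). */
#define MAX_RSA_BYTES 256
/* Bytes placed right after the buffer, standing in for adjacent stack data. */
#define CANARY_LEN    8
#define FRAME_LEN     (MAX_RSA_BYTES + CANARY_LEN)

/* Stand-in for the decrypt routine's stack frame: buffer, then canary. */
struct frame {
    unsigned char mem[FRAME_LEN];
};

static const unsigned char CANARY[CANARY_LEN] =
    {0xDE, 0xAD, 0xBE, 0xEF, 0xCA, 0xFE, 0xF0, 0x0D};

static void frame_init(struct frame *f) {
    memset(f->mem, 0, sizeof f->mem);
    memcpy(f->mem + MAX_RSA_BYTES, CANARY, CANARY_LEN);
}

/* 1 if the bytes above the buffer are untouched, 0 if they were overwritten. */
int frame_canary_intact(const struct frame *f) {
    return memcmp(f->mem + MAX_RSA_BYTES, CANARY, CANARY_LEN) == 0;
}

/* Parse an SSH-1 style mp_int: 2-byte big-endian bit count, then ceil(bits/8)
   bytes. Returns the payload length, or 0 if the packet is shorter than it
   claims (a zero-bit integer is treated as malformed too). */
size_t mpint_payload_len(const unsigned char *pkt, size_t pkt_len,
                         const unsigned char **payload) {
    if (pkt_len < 2) return 0;
    unsigned bits = ((unsigned)pkt[0] << 8) | pkt[1];
    size_t nbytes = (bits + 7) / 8;
    if (pkt_len - 2 < nbytes) return 0;
    *payload = pkt + 2;
    return nbytes;
}

/* Vulnerable shape: the copy length comes straight from the remote bit count
   and is never compared against the size of the fixed buffer. */
int decrypt_unchecked(struct frame *f, const unsigned char *pkt, size_t pkt_len) {
    const unsigned char *payload;
    size_t nbytes = mpint_payload_len(pkt, pkt_len, &payload);
    if (nbytes == 0) return -1;
    memcpy(f->mem, payload, nbytes);          /* overruns past MAX_RSA_BYTES */
    return 0;
}

/* Hardened shape: the "simple bounds check" the report asks for. */
int decrypt_checked(struct frame *f, const unsigned char *pkt, size_t pkt_len) {
    const unsigned char *payload;
    size_t nbytes = mpint_payload_len(pkt, pkt_len, &payload);
    if (nbytes == 0 || nbytes > MAX_RSA_BYTES) return -1;
    memcpy(f->mem, payload, nbytes);
    return 0;
}

/* Constructed packet: header for `bits`, payload filled with 'A'. The caller
   keeps bits <= 8*FRAME_LEN so the demo never writes outside the frame. */
size_t build_mpint_packet(unsigned char *pkt, unsigned bits) {
    size_t nbytes = (bits + 7) / 8;
    pkt[0] = (unsigned char)(bits >> 8);
    pkt[1] = (unsigned char)(bits & 0xFF);
    memset(pkt + 2, 'A', nbytes);
    return 2 + nbytes;
}

/* Runs one bit count through both routines. Result bits:
   1 = unchecked accepted, 2 = unchecked clobbered the canary,
   4 = checked accepted,   8 = checked clobbered the canary.
   Returns -1 if bits is larger than the demo frame can safely hold. */
int probe(unsigned bits) {
    unsigned char pkt[2 + FRAME_LEN];
    struct frame f;
    int r = 0;
    if (bits > 8u * FRAME_LEN) return -1;
    size_t len = build_mpint_packet(pkt, bits);

    frame_init(&f);
    if (decrypt_unchecked(&f, pkt, len) == 0) r |= 1;
    if (!frame_canary_intact(&f)) r |= 2;

    frame_init(&f);
    if (decrypt_checked(&f, pkt, len) == 0) r |= 4;
    if (!frame_canary_intact(&f)) r |= 8;
    return r;
}

int main(void) {
    unsigned tests[] = {1024, 2048, 2056, 2112};
    for (size_t i = 0; i < sizeof tests / sizeof tests[0]; i++) {
        int r = probe(tests[i]);
        printf("%4u bits: unchecked %s, canary %s | checked %s, canary %s\n",
               tests[i],
               (r & 1) ? "accepted" : "rejected", (r & 2) ? "CLOBBERED" : "intact",
               (r & 4) ? "accepted" : "rejected", (r & 8) ? "CLOBBERED" : "intact");
    }
    return 0;
}
```

A 2048-bit value (256 bytes) fills the buffer exactly and both routines accept it; at 2056 bits the unchecked copy already runs one byte past the buffer, which is the point the report makes about the bit count being the remote side's choice. In the real code the "talent" the reporter mentions is needed because the bytes that land past the buffer are what survives the RSA arithmetic, not the raw payload; the bounds check removes the question entirely.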
Comment 1 cpiazza freebsd_committer freebsd_triage 1999-11-21 00:27:08 UTC
State Changed
From-To: open->closed

patch-ax, committed by imp@freebsd.org, fixes this problem.