[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: libssh bugs found via fuzzing


Jean,

Thank you for your work. Andreas already corrected the two first bugs. I found the cause of the third bug : When passing a length which is not a multiple of blocksize to AES_cbc_decrypt (or equivalent), openssl pads that buffer with zeroes and then encrypt, adding the missing bytes to make the buffer a multiple of blocksize.

I will issue a fix. I will also look how complicated it is to write an exploit. I'm quite sure it is exploitable on older gnu libc. And of course the client is vulnerable as well.

Thanks again,

Aris

Jean Sigwald a écrit :
Hi,

We are security researchers working at Orange Labs. Our area of research
is focused on vulnerability research with fuzzing techniques.

We found 3 issues in libssh 0.3.3 that can be used to crash the
samplesshd server remotely :
- missing NULL pointer check in crypt_set_algorithms_server
- integer overflow in buffer_get_data
- heap overflow in packet_decrypt, which seems to be caused by calling
DES_ede3_cbc_encrypt with a length that is not a multiple of 8

The attached files are gdb backtraces to help you fix those issues.

Best regards,
Jean Sigwald


References:
libssh bugs found via fuzzingJean Sigwald <jean.sigwald@xxxxxxxxxxxxxxxxxx>
Archive administrator: postmaster@lists.cynapses.org