Bug#137492: PAM pam_set_item: NULL pam handle passed
From: Matt Zimmerman (mdz@debian.org)Date: 03/09/02
- Previous message: Steve: "RE: New Nimda?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 9 Mar 2002 12:21:24 -0500 From: Matt Zimmerman <mdz@debian.org> To: submit@bugs.debian.org
Package: ssh
Version: 1:3.0.2p1-8
Severity: normal
On Sat, Mar 09, 2002 at 12:06:46PM -0500, Matt Zimmerman wrote:
> Yes, this is pretty much what I assumed...I would like to track down why
> this is happening, and send a good bug report to the OpenSSH folks, but I
> can't reproduce the problem, and probably won't have the time to fiddle
> with it too much. It may only happen when the client does something
> specific, that the client from my version of OpenSSH will not do, even
> under the same circumstances.
Well, scratch that, it turns out that it's actually quite easy to reproduce.
The key bits are:
- v1 protocol
- public key authentication
- illegal user
The bug only surfaces when all of these are active. For example:
ssh -1 -i some-v1-key nonexistentuser@localhost
will do it every time.
--Versions of packages ssh depends on: ii debconf 1.0.31 Debian configuration management sy ii libc6 2.2.5-3 GNU C Library: Shared libraries an ii libpam-modules 0.72-35 Pluggable Authentication Modules f ii libpam0g 0.72-35 Pluggable Authentication Modules l ii libssl0.9.6 0.9.6c-1 SSL shared libraries ii libwrap0 7.6-9 Wietse Venema's TCP wrappers libra ii zlib1g 1:1.1.3-19 compression library - runtime
-- - mdz
---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
- Previous message: Steve: "RE: New Nimda?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
