Re: sshd: PAM pam_set_item: NULL pam handle passed

From: Matt Zimmerman (mdz@csh.rit.edu)
Date: 03/09/02

• Previous message: Chris Faulhaber: "Re: sshd: PAM pam_set_item: NULL pam handle passed"
• In reply to: Tina Bird: "Re: sshd: PAM pam_set_item: NULL pam handle passed"
• Next in thread: Matt Zimmerman: "Bug#137492: PAM pam_set_item: NULL pam handle passed"
• Reply: Matt Zimmerman: "Bug#137492: PAM pam_set_item: NULL pam handle passed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Sat, 9 Mar 2002 12:06:46 -0500
From: Matt Zimmerman <mdz@csh.rit.edu>
To: incidents@securityfocus.com

On Fri, Mar 08, 2002 at 06:16:23PM -0600, Tina Bird wrote:

> From: Andrew Morgan (morgan@transmeta.com)
> Date: Fri Apr 20 2001 - 16:26:08 CDT
>
> This is an internal error from libpam. It means something did this:
>
>
> pam_set_item(NULL, PAM_<something>, item);
>
>
> The error is that the first argument is NULL. It should have been a
> non-NULL pam_handle_t object.
>
>
> Buggy code - application or module I guess.
>
> -----------
> I looked through a few more of the Google hits. They all showed
> programming errors and no evidence of malicious behavior, so barring
> any other information, I suspect this is more of the same. Maybe
> there's a new bug in the OpenSSH implementation?

Yes, this is pretty much what I assumed...I would like to track down why
this is happening, and send a good bug report to the OpenSSH folks, but I
can't reproduce the problem, and probably won't have the time to fiddle with
it too much. It may only happen when the client does something specific,
that the client from my version of OpenSSH will not do, even under the same
circumstances.

-- 
 - mdz
----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

---

• Previous message: Chris Faulhaber: "Re: sshd: PAM pam_set_item: NULL pam handle passed"
• In reply to: Tina Bird: "Re: sshd: PAM pam_set_item: NULL pam handle passed"
• Next in thread: Matt Zimmerman: "Bug#137492: PAM pam_set_item: NULL pam handle passed"
• Reply: Matt Zimmerman: "Bug#137492: PAM pam_set_item: NULL pam handle passed"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages [djm@cvs.openbsd.org: OpenSSH 4.0 released] ... OpenSSH 4.0 has just been released. ... implementation and includes sftp client and server support. ... AllowGroups and DenyGroups (Bugzilla #909) ... (FreeBSD-Security) Announce: OpenSSH 4.3 released ... OpenSSH 4.3 has just been released. ... implementation and includes sftp client and server support. ... (SSH) Re: OpenSSH ... OpenSSH" rather, ... from the same client IP, same client program, same options on the ... rather long delay after answering the password prompt. ... and a password prompt all at once instantly. ... (comp.unix.sco.misc) Re: setting ssh-add environment variables on Windows ... > I'm running the OpenSSH for Windows client without a full cygwin ... > Seems impossible to do without a full cygwin install and access to a bash ... I haven't tried the openssh/windows client. ... If you can't find a similar program in the openssh client, ... (comp.security.ssh) OpenSSH 4.1 released ... OpenSSH 4.1 has just been released. ... implementation and includes sftp client and server support. ... to abort the connection (bugzilla #896) ... (SSH)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)