"Marc Dequènes (Duck)" <d...@duckcorp.org> writes: > While testing if my configuration was ok, i just tried a simple > interactive SSH and got a crash. The account has only access to rsync > without chrooting.
> Trace: > ----------------------------------------------------------------------------- > [...] > Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent > permitted by applicable law. > Last login: Sat Oct 23 20:58:52 2010 from 2001:7a8:810:114::3 > This account is restricted by rssh. > Allowed commands: rsync > If you believe this is in error, please contact your system administrator. > *** glibc detected *** -rssh: malloc(): memory corruption: > 0x0000000001f537b0 *** Thanks! Looks like this has been there for a while, but it's a single byte write past the end of the string right before exit, so the code must have previously gotten lucky. None of the data involved in building that string or buffer came from the end user, so I don't think there's an exploitable security vulnerability here, but I'll push an update into squeeze anyway since it's a one-line fix. -- Russ Allbery (r...@debian.org) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
