diff options
author | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
commit | b9438bbc073e792547318c8e343923748536529c (patch) | |
tree | 267f9815b8386617219421d862be309b73758c6b /auth.h | |
parent | 0b228013734983ec12ddaa535d42704b5e4cee90 (diff) |
- CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The
signal handler was vulnerable to a race condition that could be
exploited to perform a pre-authentication denial of service. On
portable OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication is
enabled, but the likelihood of successful exploitation appears remote.
Diffstat (limited to 'auth.h')
-rw-r--r-- | auth.h | 1 |
1 files changed, 1 insertions, 0 deletions
@@ -49,6 +49,7 @@ typedef struct KbdintDevice KbdintDevice; | |||
49 | 49 | ||
50 | struct Authctxt { | 50 | struct Authctxt { |
51 | int success; | 51 | int success; |
52 | int authenticated; /* authenticated and alarms cancelled */ | ||
52 | int postponed; /* authentication needs another step */ | 53 | int postponed; /* authentication needs another step */ |
53 | int valid; /* user exists and is allowed to login */ | 54 | int valid; /* user exists and is allowed to login */ |
54 | int attempt; | 55 | int attempt; |