diff options
| author | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2006-09-29 11:36:40 +0000 |
| commit | b9438bbc073e792547318c8e343923748536529c (patch) | |
| tree | 267f9815b8386617219421d862be309b73758c6b /auth.h | |
| parent | 0b228013734983ec12ddaa535d42704b5e4cee90 (diff) | |
- CVE-2006-5051: Fix an unsafe signal hander reported by Mark Dowd. The
signal handler was vulnerable to a race condition that could be
exploited to perform a pre-authentication denial of service. On
portable OpenSSH, this vulnerability could theoretically lead to
pre-authentication remote code execution if GSSAPI authentication is
enabled, but the likelihood of successful exploitation appears remote.
Diffstat (limited to 'auth.h')
| -rw-r--r-- | auth.h | 1 |
1 files changed, 1 insertions, 0 deletions
| @@ -49,6 +49,7 @@ typedef struct KbdintDevice KbdintDevice; | |||
| 49 | 49 | ||
| 50 | struct Authctxt { | 50 | struct Authctxt { |
| 51 | int success; | 51 | int success; |
| 52 | int authenticated; /* authenticated and alarms cancelled */ | ||
| 52 | int postponed; /* authentication needs another step */ | 53 | int postponed; /* authentication needs another step */ |
| 53 | int valid; /* user exists and is allowed to login */ | 54 | int valid; /* user exists and is allowed to login */ |
| 54 | int attempt; | 55 | int attempt; |