Re: ssh and banners

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Lunes 17 Agosto 2009 15:48:18 Thomas K Gamble escribió:
> I have noticed that, beginning with the 5.1p1 release, ssh no longer
> interprets ansi escape sequences embeded in the /etc/banner or /etc/issue
> files.  Was this deliberate, perhaps due to some security issue, or is this
> a bug that has crept into the code?  I can't find anything in the changelog
> that would be related to this.
>

Thomas, i really don't know if the people developing openssh  no longer 
support ansi on ssh client by security reasons. 

One thing is for sure.... Vt-100 escape characters (i mean \033 character) 
represent a potential vulnerability on client side sometimes.

Why?

Well, maybe not now, but, a couple years ago in some xterm+bash2 
configurations, escape characters enable you to exploit a bug that permit code 
execution. Combined with ssh, you could name it: remote code execution.

And more... some systems enable escape characters to do some things that could 
be considered privileged. 

And moreover... if you try on previous versions of ssh (with escape chars)... 
you could dissapear the prompt on the remote host (putting the same color on 
background and foreground with escape chars)... That could be considered a 
"innocent experiment", but is nasty.

Moreover, try to cat some of "urandom", and then, in some recent systems, 
(maybe a 1 or 2 years ago systems), see how the bash prompt changed... And see 
how sometimes things are executed after the ctlr-c



> I have verified that the 5.0p1 release and earlier do indeed interpret the
> ansi escape sequences properly.

-- 
Ing. Aaron G. Mizrachi P.    

http://www.unmanarc.com
Mobil 1: + 58 416-6143543
Mobil 2: + 58 424-2412503
BBPIN: 0x 247066C1

Attachment: signature.asc
Description: This is a digitally signed message part.


[Index of Archives]     [Open SSH Unix Development]     [Fedora Users]     [Fedora Desktop]     [Yosemite Backpacking]     [KDE Users]     [Gnome Users]

  Powered by Linux