EUVD-1999-0815

Malware in sbrugna...

RSA Security RSAREF 2.0 - Buffer Overflow Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/843/info A buffer overflow vulnerability exists in the RSAREF cryptographic library which may possibly make any software using the library vulnerable. The vulnerability exists in four functions in the rsa.c source file. T...

CVE-1999-0834

CVE-1999-0834 involves a buffer overflow in RSAREF2 used by SSH up to 1.2.27 compiled with RSAREF2. The vulnerability stems from missing bounds checks in RSAREF2 RSA operations (RSAPrivateDecrypt/RSAPublicDecrypt) where the internal pkcsBlock can be overflowed by NN_Encode() writes, enabling arbi...

ssh-1.2.27-exploit.txt

Ok, here is the exploit for SSH-1.2.27 compiled with RSAREF2. It was tested against sshd running on Linux Redhat 6.0 and OpenBSD 2.6, from a Linux Redhat 6.0 box. Since its a modified ssh client, i will just send the diffs against an unpatched ssh-1.2.27 distribution. and i'll try to explain what...

CVE-1999-0834

Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library...

BUFFER OVERFLOW IN RSAREF2

Advisory ID Internal CORE-120199 Advisory ID: CORE-120199 CVE Name: CVE-1999-0834 Bugtraq ID: 843 While researching the exploitability of a buffer overflow in SSH up to version 1.2.27, we discovered a second buffer overflow in the implmementation of the RSA algorithm in RSAREF2 from RSA Data...