Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-13 12:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge branch 'ssh_kex' of https://github.com/MaxKellermann/zeek

Browse source 
* 'ssh_kex' of https://github.com/MaxKellermann/zeek:
  analyzer/protocol/ssh: fix crash vulnerability after duplicate KEX packet
This commit is contained in:
Jon Siwek 2020-02-12 00:04:40 -08:00
commit 05d7f26b85
1 changed files with 1 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

1
src/analyzer/protocol/ssh/ssh-protocol.pac
View file

@ -398,6 +398,7 @@ refine connection SSH_Conn += {
{
if ( *(client_list->Lookup(i)->AsStringVal()->AsString()) == *(server_list->Lookup(j)->AsStringVal()->AsString()) )
{
kex_algorithm_.free();
kex_algorithm_.init((const uint8 *) client_list->Lookup(i)->AsStringVal()->Bytes(),
client_list->Lookup(i)->AsStringVal()->Len());