[Original text] Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing.
Denial of Service,
Loss of Confidentiality,
Loss of Integrity,
Loss of Availability
A remote overflow exists in the commercial ssh client. When Kerberos V is enabled, the ssh client fails to correctly parse a long DNS hostname containing 128 bytes or more during TGT ticket passing, resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service or execute arbitrary code, resulting in a loss of confidentiality, integrity, and/or availability.
Upgrade to version 1.2.27 or higher, as it has been reported to fix this vulnerability. It is also possible to correct the flaw by applying the vendor-supplied patch.
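The class of flaw described above is avoided by bounding and validating a resolver-supplied hostname before it is copied into a fixed buffer. The following is an added illustration, not code from ssh or its vendor patch: the names `copy_peer_hostname`, `hostname_is_valid` and `HOST_BUF_LEN` are hypothetical, and the 128-byte buffer size is an assumption taken from the threshold in the description. It goes slightly beyond the length check by also rejecting malformed names.

```c
#include <ctype.h>
#include <string.h>

#define HOST_BUF_LEN 128 /* assumed size, from the advisory's 128-byte threshold */

/* Returns 1 if name[0..len) is a well-formed DNS hostname: labels of 1..63
 * letters, digits or inner hyphens, at most 253 bytes, optional trailing dot. */
static int hostname_is_valid(const char *name, size_t len)
{
    size_t label = 0; /* length of the label currently being scanned */
    if (len == 0 || len > 253)
        return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)name[i];
        if (c == '.') {
            if (label == 0 || name[i - 1] == '-')
                return 0; /* empty label, or label ending in a hyphen */
            label = 0;
        } else if (!(isalnum(c) || (c == '-' && label > 0)) || ++label > 63) {
            return 0; /* illegal byte, leading hyphen, or label over 63 bytes */
        }
    }
    return label == 0 || name[len - 1] != '-';
}

/* Copies a resolver-supplied hostname into dst (dstlen bytes). Returns 0 on
 * success, -1 if the name is malformed or does not fit with its NUL. Oversized
 * names are rejected, not truncated; dst is an empty string on failure. */
int copy_peer_hostname(char *dst, size_t dstlen, const char *src)
{
    size_t len = 0;
    if (dst == NULL || dstlen == 0)
        return -1;
    dst[0] = '\0';
    if (src == NULL)
        return -1;
    while (len < dstlen && src[len] != '\0')
        len++; /* bounded scan: never reads more than dstlen bytes */
    if (len >= dstlen || !hostname_is_valid(src, len))
        return -1;
    memcpy(dst, src, len + 1);
    return 0;
}

int main(void)
{
    char buf[HOST_BUF_LEN];
    return copy_peer_hostname(buf, sizeof buf, "kdc.example.com") != 0;
}
```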