username@server:~$ sudo /etc/init.d/ssh stop * Stopping OpenBSD Secure Shell server sshd [ OK ] username@server:~$ cd /usr/bin/ username@server:/usr/bin$ sudo gdb sshd GNU gdb 6.8-debian Copyright (C) 2008 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "i486-linux-gnu"... (no debugging symbols found) (gdb) run -d Starting program: /usr/sbin/sshd -d (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) [Thread debugging using libthread_db enabled] debug1: sshd version OpenSSH_5.1p1 Debian-5ubuntu1 [New Thread 0xb7b36ac0 (LWP 5138)] (no debugging symbols found) ---Type to continue, or q to quit--- (no debugging symbols found) (no debugging symbols found) debug1: read PEM private key done: type RSA debug1: Checking blacklist file /usr/share/ssh/blacklist.RSA-2048 debug1: Checking blacklist file /etc/ssh/blacklist.RSA-2048 debug1: private host key: #0 type 1 RSA debug1: read PEM private key done: type DSA debug1: Checking blacklist file /usr/share/ssh/blacklist.DSA-1024 debug1: Checking blacklist file /etc/ssh/blacklist.DSA-1024 debug1: private host key: #1 type 2 DSA debug1: rexec_argv[0]='/usr/sbin/sshd' debug1: rexec_argv[1]='-d' debug1: Bind to port 22 on 0.0.0.0. Server listening on 0.0.0.0 port 22. debug1: Bind to port 22 on ::. Server listening on :: port 22. debug1: Server will not fork when running in debugging mode. debug1: rexec start in 5 out 5 newsock 5 pipe -1 sock 8 [New process 5138] Executing new program: /usr/sbin/sshd (no debugging symbols found) warning: Cannot initialize thread debugging library: generic error warning: Cannot initialize thread debugging library: generic error (no debugging symbols found) [New process 5138] (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) (no debugging symbols found) [Thread debugging using libthread_db enabled] Segmentation fault username@server:/usr/bin$ debug1: inetd sockets after dupping: 3, 3 Connection from 192.168.1.10 port 43663 debug1: Client protocol version 2.0; client software version OpenSSH_4.2 debug1: match: OpenSSH_4.2 pat OpenSSH_4* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.1p1 Debian-5ubuntu1 debug1: permanently_set_uid: 110/65534 debug1: list_hostkey_types: ssh-rsa,ssh-dss debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: client->server aes128-cbc hmac-md5 none debug1: kex: server->client aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST received debug1: SSH2_MSG_KEX_DH_GEX_GROUP sent debug1: expecting SSH2_MSG_KEX_DH_GEX_INIT debug1: SSH2_MSG_KEX_DH_GEX_REPLY sent debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: KEX done debug1: userauth-request for user username service ssh-connection method none debug1: attempt 0 failures 0 debug1: PAM: initializing for "username" debug1: PAM: setting PAM_RHOST to "ferrer.ac.upc.es" debug1: PAM: setting PAM_TTY to "ssh" Failed none for username from 192.168.1.10 port 43663 ssh2 debug1: userauth-request for user username service ssh-connection method password debug1: attempt 1 failures 0 Error: Bad address. *** glibc detected *** sshd: username [priv]: malloc(): memory corruption: 0xb87f1270 *** ======= Backtrace: ========= /lib/tls/i686/cmov/libc.so.6[0xb7bc4276] /lib/tls/i686/cmov/libc.so.6(__libc_malloc+0x95)[0xb7bc59c5] /lib/libpam.so.0(pam_modutil_getpwnam+0x3e)[0xb7f8914e] /lib/security/pam_unix.so[0xb79847bc] /lib/security/pam_unix.so[0xb79848c1] /lib/security/pam_unix.so[0xb79823dd] /lib/security/pam_unix.so(pam_sm_authenticate+0x2bd)[0xb797fdfd] /lib/libpam.so.0[0xb7f843b1] /lib/libpam.so.0(pam_authenticate+0x4d)[0xb7f83bdd] sshd: username [priv][0xb7ff3586] sshd: username [priv][0xb7fd528f] sshd: username [priv][0xb7fea327] sshd: username [priv][0xb7feab0e] sshd: username [priv][0xb7feb589] sshd: username [priv](main+0x2d59)[0xb7fd3e99] /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5)[0xb7b68775] sshd: username [priv][0xb7fcff51] ======= Memory map: ======== b695c000-b6969000 r-xp 00000000 08:01 1573102 /lib/libgcc_s.so.1 b6969000-b696a000 r--p 0000c000 08:01 1573102 /lib/libgcc_s.so.1 b696a000-b696b000 rw-p 0000d000 08:01 1573102 /lib/libgcc_s.so.1 b697b000-b697c000 ---p b697b000 00:00 0 b697c000-b717c000 rw-p b697c000 00:00 0 b717c000-b717d000 ---p b717c000 00:00 0 b717d000-b797d000 rw-p b717d000 00:00 0 b797d000-b7989000 r-xp 00000000 08:01 1573398 /lib/security/pam_unix.so b7989000-b798a000 r--p 0000b000 08:01 1573398 /lib/security/pam_unix.so b798a000-b798b000 rw-p 0000c000 08:01 1573398 /lib/security/pam_unix.so b798b000-b7997000 rw-p b798b000 00:00 0 b7997000-b799d000 r-xp 00000000 08:01 1572935 /lib/libusb-0.1.so.4.4.4 b799d000-b799e000 r--p 00005000 08:01 1572935 /lib/libusb-0.1.so.4.4.4 b799e000-b79a0000 rw-p 00006000 08:01 1572935 /lib/libusb-0.1.so.4.4.4 b79a1000-b79a4000 r-xp 00000000 08:01 1573377 /lib/security/pam_limits.so b79a4000-b79a5000 r--p 00003000 08:01 1573377 /lib/security/pam_limits.so b79a5000-b79a6000 rw-p 00004000 08:01 1573377 /lib/security/pam_limits.so b79a6000-b79a8000 r-xp 00000000 08:01 1573381 /lib/security/pam_mail.so b79a8000-b79a9000 r--p 00001000 08:01 1573381 /lib/security/pam_mail.so b79a9000-b79aa000 rw-p 00002000 08:01 1573381 /lib/security/pam_mail.so b79aa000-b79ab000 r-xp 00000000 08:01 1573383 /lib/security/pam_motd.so b79ab000-b79ac000 r--p 00000000 08:01 1573383 /lib/security/pam_motd.so b79ac000-b79ad000 rw-p 00001000 08:01 1573383 /lib/security/pam_motd.so b79ad000-b79ae000 r-xp 00000000 08:01 1573385 /lib/security/pam_nologin.so b79ae000-b79af000 r--p 00000000 08:01 1573385 /lib/security/pam_nologin.so b79af000-b79b0000 rw-p 00001000 08:01 1573385 /lib/security/pam_nologin.so b79b0000-b79b5000 r-xp 00000000 08:01 1573057 /lib/tls/i686/cmov/libnss_dns-2.9.so b79b5000-b79b6000 r--p 00004000 08:01 1573057 /lib/tls/i686/cmov/libnss_dns-2.9.so b79b6000-b79b7000 rw-p 00005000 08:01 1573057 /lib/tls/i686/cmov/libnss_dns-2.9.so b79b7000-b79b9000 r-xp 00000000 08:01 8749802 /lib/libnss_mdns4_minimal.so.2 b79b9000-b79ba000 rw-p 00001000 08:01 8749802 /lib/libnss_mdns4_minimal.so.2 b79bb000-b79be000 r-xp 00000000 08:01 1771250 /usr/local/lib/libthinkfinger.so.0.0.0 b79be000-b79bf000 rw-p 00002000 08:01 1771250 /usr/local/lib/libthinkfinger.so.0.0.0 b79bf000-b79c2000 r-xp 00000000 08:01 1577166 /lib/security/pam_thinkfinger.so b79c2000-b79c3000 rw-p 00002000 08:01 1577166 /lib/security/pam_thinkfinger.so b79c4000-b79c7000 r-xp 00000000 08:01 1573301 /lib/security/pam_env.so b79c7000-b79c8000 r--p 00002000 08:01 1573301 /lib/security/pam_env.so b79c8000-b79c9000 rw-p 00003000 08:01 1573301 /lib/security/pam_env.so b79ca000-b7b0a000 rw-s 00000000 00:09 57791 /dev/zero (deleted) b7b0a000-b7b14000 r-xp 00000000 08:01 1573060 /lib/tls/i686/cmov/libnss_files-2.9.so b7b14000-b7b15000 r--p 00009000 08:01 1573060 /lib/tls/i686/cmov/libnss_files-2.9.so b7b15000-b7b16000 rw-p 0000a000 08:01 1573060 /lib/tls/i686/cmov/libnss_files-2.9.so b7b16000-b7b1f000 r-xp 00000000 08:01 1573065 /lib/tls/i686/cmovdebug1: do_cleanup username@server:/usr/bin$