CERT: SSH vulnerabilities.
Mark Street
jet at sonic.net
Tue Dec 17 13:31:27 PST 2002
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
http://www.kb.cert.org/vuls/id/389665#systems
Vulnerability Note VU#389665
Multiple vendors' SSH transport layer protocol implementations contain
vulnerabilities in key exchange and initialization
Overview
Secure shell (SSH) transport layer protocol implementations from different
vendors contain multiple vulnerabilities in code that handles key exchange
and initialization. Both SSH servers and clients are affected. A remote
attacker could execute arbitrary code with the privileges of the SSH process
or cause a denial of service.
- --
Mark Street, D.C.
Red Hat Certified Engineer
Cert# 807302251406074
- --
Key fingerprint = 3949 39E4 6317 7C3C 023E 2B1F 6FB3 06E7 D109 56C0
GPG key http://www.streetchiro.com/pubkey.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
iD8DBQE9/5e2b7MG59EJVsARAq3xAKDC6q+6lgM2BDfecZI2Uhx3AQ/ODwCfaTk6
4et6paIm+xd6jGucHGR/r/Q=
=pbyQ
-----END PGP SIGNATURE-----
More information about the talk
mailing list