SSH CRC-32 Compensation Attack Detector Vulnerability

Solution:
Patches have been made available by a number of vendors, as well as by CORE SDI.

F-Secure SSH Server earlier than version 5.0 are vulnerable to this issue. It is advisable to upgrade to the latest version of F-Secure SSH Server.

http://www.f-secure.com/news/2000/news_2001013000.shtml

SSH Secure Shell 3.0.1 and later are not vulnerable to this issue. Users are advised to obtain the newest version from the vendor.

http://commerce.ssh.com

Cisco users should contact the Technical Assistance Centre for patching/upgrading information.

NetScreen has released an advisory (NetScreen Security Alert 110602) which addresses this issue with new maintenance releases. Some updated maintenance releases are still pending. Users should refer to the information in the attached reference for details on obtaining fixes. Users are also advised to contact the vendor for exact details about affected versions and which upgrades are appropriate to their release.


Cisco IOS 12.1XR
  • Cisco IOS 12.1(5)XR2

  • Cisco IOS 12.1(5)YD2


Cisco IOS 12.1XD
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.1XQ
  • Cisco IOS 12.2(1b)


Cisco IOS 12.1XJ
  • Cisco IOS 12.1(5)YB4


Cisco IOS 12.1EX
  • Cisco IOS 12.1(8a)E


Cisco IOS 12.1XI
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.1XS
  • Cisco IOS 12.1(5)XS


Cisco IOS 12.2XE
  • Cisco IOS 12.2(1)XE


Cisco IOS 12.2T
  • Cisco IOS 12.2(2.2)T


Cisco IOS 12.1T
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.1XV
  • Cisco IOS 12.1(5)XV3


Cisco IOS 12.1XA
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.1YD
  • Cisco IOS 12.1(5)YD2


Cisco IOS 12.1XM
  • Cisco IOS 12.1(4)XM4


Cisco IOS 12.1YF
  • Cisco IOS 12.1(5)YF2


Cisco IOS 12.1XU
  • Cisco IOS 12.1(5)XU1

  • Cisco IOS 12.2(2)XA


Cisco IOS 12.1XC
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.2
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.1XY
  • Cisco IOS 12.1(5)XY6


Cisco IOS 12.1XL
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.2XH
  • Cisco IOS 12.2(1)XH


Cisco IOS 12.1XT
  • Cisco IOS 12.1(3)XT3

  • Cisco IOS 12.1(5)YB4


Cisco IOS 12.1EC
  • Cisco IOS 12.1(6.5)EC3


Cisco IOS 12.1YC
  • Cisco IOS 12.1(5)YC1


Cisco IOS 12.1E
  • Cisco IOS 12.1(8a)E


Cisco IOS 12.2XA
  • Cisco IOS 12.2(2)XA


Cisco IOS 12.2XD
  • Cisco IOS 12.2(1)XD1


Cisco IOS 12.1YA
  • Cisco IOS 12.2(2)XB


Cisco IOS 12.1YB
  • Cisco IOS 12.1(5)YB4


Cisco IOS 12.1EZ
  • Cisco IOS 12.1(6)EZ2


Cisco IOS 12.1XG
  • Cisco IOS 12.1(5)XG5


Cisco IOS 12.2XQ
  • Cisco IOS 12.2(1)XQ


Cisco IOS 12.1XF
  • Cisco IOS 12.1(2)XF4


Cisco IOS 12.1XH
  • Cisco IOS 12.2(1b)

  • Cisco IOS 12.2(3)


Cisco IOS 12.1EY
  • Cisco IOS 12.1(6)EY


Cisco IOS 12.1XP
  • Cisco IOS 12.1(3)XP4

  • Cisco IOS 12.1(5)YB4


OpenSSH OpenSSH 1.2.2

SSH Communications Security SSH 1.2.24

SSH Communications Security SSH 1.2.25

SSH Communications Security SSH 1.2.26

SSH Communications Security SSH 1.2.27

SSH Communications Security SSH 1.2.28

SSH Communications Security SSH 1.2.29

OpenSSH OpenSSH 1.2.3

SSH Communications Security SSH 1.2.30

SSH Communications Security SSH 1.2.31

OpenSSH OpenSSH 2.1

OpenSSH OpenSSH 2.1.1

OpenSSH OpenSSH 2.2

Cisco PIX Firewall 5.2 (5)
  • Cisco PIX Firewall 5.2(6)


Cisco PIX Firewall 5.3 (1)
  • Cisco PIX Firewall 5.3(2)
 

Privacy Statement
Copyright 2010, SecurityFocus