• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

OpenSSH CBC Mode Information Disclosure Vulnerability

References:

• HP Insight Control suite for Linux Homepage (HP)
  
• InfoSec vulnerability disclosures Vulnerability in SSH (CPNI)
  
• OpenSSH 5.2 (OpenSSH)
  
• OpenSSH Homepage (OpenSSH)
  
• Plaintext Recovery Attack Against SSH (SSH Communications Security)
  
• SSH Communications Homepage (SSH Communications)
  
• OpenSSH security advisory: cbc.adv (Damien Miller )
  
• Revised: OpenSSH security advisory: cbc.adv (Damien Miller )
  
• ASA-2008-503 - A Security Vulnerability in Solaris Secure Shell (SSH) May Expose (Avaya)
  
• ASA-2009-406 openssh security, bug fix, and enhancement update (RHSA-2009-1287) (Avaya)
  
• Attachmate Security Update for CSIRTUK Vulnerability #CPNI-957: Plaintext Recove (Attachmate)
  
• CPNI-957037 VanDyke Security Advisory (Van Dyke)
  
• OpenSSH Security Advisory: cbc.adv (OpenSSH)
  
• RT Series Security FAQ (Yamaha)
  
• Solution 247186 : A Security Vulnerability in Solaris Secure Shell (SSH) May (Sun)
  
• Vulnerability Note VU#958563 SSH CBC vulnerability (US-CERT)