OpenSSH CBC Mode Information Disclosure Vulnerability

OpenSSH CBC Mode Information Disclosure Vulnerability

References:

HP Insight Control suite for Linux Homepage (HP)
InfoSec vulnerability disclosures Vulnerability in SSH (CPNI)
OpenSSH 5.2 (OpenSSH)
OpenSSH Homepage (OpenSSH)
Plaintext Recovery Attack Against SSH (SSH Communications Security)
SSH Communications Homepage (SSH Communications)
Technical Note 1708 Security Updates and Reflection (Attachmate)
OpenSSH security advisory: cbc.adv (Damien Miller )
Revised: OpenSSH security advisory: cbc.adv (Damien Miller )
AIX OpenSSH multiple vulnerabilities (IBM)
ASA-2008-503 - A Security Vulnerability in Solaris Secure Shell (SSH) May Expose (Avaya)
ASA-2009-406 openssh security, bug fix, and enhancement update (RHSA-2009-1287) (Avaya)
Attachmate Security Update for CSIRTUK Vulnerability #CPNI-957: Plaintext Recove (Attachmate)
CPNI-957037 VanDyke Security Advisory (Van Dyke)
OpenSSH Security Advisory: cbc.adv (OpenSSH)
RT Series Security FAQ (Yamaha)
Solution 247186 : A Security Vulnerability in Solaris Secure Shell (SSH) May (Sun)
Vulnerability Note VU#958563 SSH CBC vulnerability (US-CERT)

Privacy Statement
Copyright 2010, SecurityFocus