OpenSSH Remote Root Authentication Timing Side-Channel Weakness

OpenSSH Remote Root Authentication Timing Side-Channel Weakness

References:

Debian Bug report logs - #248747 - sshd: no delay on successful root login with (Debian)
Re: Fwd: [BID 7482, bug in OpenSSH (Still in FreeBSD-STABLE)] (des des no (Dag-Erling Smørgrav))
Re: OpenSSH/PAM timing attack allows remote users identificatio (Ethan Benson )
Re: OpenSSH/PAM timing attack allows remote users identification (Nicolas Couture )
Re: OpenSSH/PAM timing attack allows remote users identification (Marco Ivaldi )

Privacy Statement
Copyright 2010, SecurityFocus