OpenSSH Ciphersuite Specification Information Disclosure Weakness

OpenSSH is prone to a security weakness that may allow attackers to downgrade the ciphersuite.

Successfully exploiting this issue in conjunction with other latent vulnerabilities may allow attackers to gain access to sensitive information that may aid in further attacks.

Releases prior to OpenSSH 2.9p2 are vulnerable.


 

Privacy Statement
Copyright 2010, SecurityFocus