OpenSSH Remote Root Authentication Timing Side-Channel Weakness

A timing attack has been described in OpenSSH-portable that could assist a remote user in guessing the administrative password. This issue has been reported to occur in OpenSSH-portable on Linux systems, but it may affect other platforms and versions.


 

Privacy Statement
Copyright 2010, SecurityFocus