Date: Thu, 16 Dec 1999 14:04:35 -0700 From: Warner Losh <imp@village.org> To: Fernando Schapachnik <fpscha@via-net-works.net.ar> Cc: freebsd-security@FreeBSD.ORG Subject: Re: OpenSSH vulnerable to protocol flaw? Message-ID: <199912162104.OAA74270@harmony.village.org> In-Reply-To: Your message of "Thu, 16 Dec 1999 09:06:54 -0300." <199912161207.JAA22894@ns1.via-net-works.net.ar> References: <199912161207.JAA22894@ns1.via-net-works.net.ar>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199912161207.JAA22894@ns1.via-net-works.net.ar> Fernando Schapachnik writes: : In recent post to bugtraq, someone stated that ssh1 was vulnerable to : a protocol flaw which could allow a malicious party to insert : arbitrary characters in the comunication channel. : : Anybody knows if OpenSSH is vulnerable to this? OpenSSH implements the ssh1 protocol, which is vulnerable to insertion attacks like the one described in bugtraq. I don't think they have changed the protocol at all, but I'm sure someone will tell me if I'm wrong. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199912162104.OAA74270>