[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability

CORE SDI http://www.core-sdi.com SSH1 CRC-32 compensation attack detector vulnerability Date Published: 2001-02-08 Advisory ID: CORE-20010207 Bugtraq ID: 2347 CVE CAN: CAN-2001-0144 Title: SSH1 CRC-32 compensation attack detector vulnerability Class: Boundary Error Condition Remotely Exploitable:...

SSH CRC-32 Compensation Attack Remote Overflow

The remote host is running a version of SSH that is older than version 1.2.32, or a version of OpenSSH that is older than 2.3.0. The remote version of this software is vulnerable to a flaw known as a 'CRC-32 compensation attack' that could allow an attacker to gain a root shell on this host. C...