249 matches found
CVE-1999-1085
The CVE-1999-1085 issue affects SSH1 protocol implementations (notably OpenSSH and SSH1-supporting SSH stacks) in CBC or CFB mode. A CRC-32 checksum weakness enables a known-plaintext attack to insert arbitrary data into an existing SSH stream between client and server, potentially allowing an at...
CVE-2001-0144
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow...
CVE-2001-0144
Technical details about CVE-2001-0144 are not provided in the connected documents. The Initial Description notes an SSH1 CRC-32 overflow issue, but no vendor/version/exploit data is supplied here. Monitor for updates and disclose when more info becomes public.
PT-2001-1377 Ā· Core SdiĀ +1 Ā· Core Sdi Ssh1Ā +1
Name of the Vulnerable Software and Affected Versions: CORE SDI SSH1 affected versions not specified Description: The issue allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow in the CRC-32 compensation attack detector. Recommendations: At the...
[CORE SDI ADVISORY] SSH1 CRC-32 compensation attack detector vulnerability
CORE SDI http://www.core-sdi.com SSH1 CRC-32 compensation attack detector vulnerability Date Published: 2001-02-08 Advisory ID: CORE-20010207 Bugtraq ID: 2347 CVE CAN: CAN-2001-0144 Title: SSH1 CRC-32 compensation attack detector vulnerability Class: Boundary Error Condition Remotely Exploitable:...
SSH CRC-32 Compensation Attack Remote Overflow
The remote host is running a version of SSH that is older than version 1.2.32, or a version of OpenSSH that is older than 2.3.0. The remote version of this software is vulnerable to a flaw known as a 'CRC-32 compensation attack' that could allow an attacker to gain a root shell on this host. C...
Weak CRC allows last block of IDEA-encrypted SSH packet to be changed without notice
Overview There is an information integrity vulnerability in the SSH1 protocol that allows the last block of an IDEA-encrypted session to be modified without notice. Description Preconditions: Session is encrypted using IDEA cipher. Compression is disabled. SSH clients configured to use the IDEA...
Weak CRC allows RC4 encrypted SSH1 packets to be modified without notice
Overview There is an information integrity vulnerability in the SSH1 protocol that allows RC4 encrypted packets to be modified without notice. Description Preconditions: Client has requested RC4 and server supports it. Compression is disabled. When using the RC4 stream cipher, SSH1 uses a cyclic...
CVE-1999-1085
SSH 1.2.25, 1.2.23, and other versions, when used in in CBC Cipher Block Chaining or CFB Cipher Feedback 64 bits modes, allows remote attackers to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum...