SOL16840 - SSH vulnerability CVE-1999-1085

OpenSSH supports the use of the SSH1 protocol; however, it is not enabled in default configurations. SSH1 can only be enabled by manually editing the OpenSSH configuration file. Note: As of February 17, 2015, AskF5 Security Advisory articles include the Severity value. Security Advisory articles...

SecureCRT <= 4.0 Beta 2 SSH1 Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ class Metasploit3 'SecureCRT %q This module exploi...

SecureCRT SSH1 protocol version string overflow

The remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operation systems. It has been reported that SecureCRT contain a remote buffer overflow allowing an SSH server to execute arbitrary command via a specially long SSH1 protocol version string...

SecureCRT SSH1 protocol version string overflow

The remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operation systems. SPDX-FileCopyrightText: 2004 David Maciejak Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

SecureCRT SSH-1 Protocol Version String Remote Overflow

The remote host is using a vulnerable version of SecureCRT, a SSH/Telnet client built for Microsoft Windows operating systems. It has been reported that SecureCRT contains a remote buffer overflow allowing an SSH server to execute arbitrary commands via an especially long SSH1 protocol version...

Vandyke Software SecureCRT contains buffer overflow vulnerability in password handling code

Overview SecureCRT is vulnerable to buffer overflow from improper handling of long password input. Description SecureCRT is a terminal emulator and SSH client for Windows. If the SSH1 protocol is used and the user enters a password 300 characters or more in length, SecureCRT will crash, with the...

SecureCRT 2.4/3.x/4.0 - SSH1 Identifier String Buffer Overflow (2)

// source: https://www.securityfocus.com/bid/5287/info The SecureCRT client is prone to a buffer-overflow condition when attempting to handle an overly long SSH1 protocol identifier string. Reportedly, an attacker can exploit this issue via a malicious server. Exploiting this issue may allow an...

SecureCRT 2.43.x4.0 - SSH1 Identifier String Buffer Overflow (2)

SecureCRT 2.43.x4.0 - SSH1 Identifier String Buffer Overflow 2 // source: https://www.securityfocus.com/bid/5287/info The SecureCRT client is prone to a buffer-overflow condition when attempting to handle an overly long SSH1 protocol identifier string. Reportedly, an attacker can exploit this iss...

Weak CRC allows packet injection into SSH sessions encrypted with block ciphers

Overview There is an information integrity vulnerability in the SSH1 protocol that allows packets encrypted with a block cipher to be modified without notice. Description Preconditions: Attacker has a fragment of plaintext and its corresponding ciphertext. Attacker must be able to actively...

SSH CRC32 attack detection code contains remote integer overflow

Overview There is a remote integer overflow vulnerability in several implementations of the SSH1 protocol that allows an attacker to execute arbitrary code with the privileges of the SSH daemon, typically root. Description There is a remote integer overflow vulnerability in several implementation...

FreeBSD-SA-01:24.ssh

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:24 Security Advisory FreeBSD, Inc. Topic: SSH1 implementations may allow remote system, data compromise Category: core/ports Module: openssh, ssh Announced: 2001-02-12...

SSH 1.2.30 - Daemon Logging Failure

source: https://www.securityfocus.com/bid/2345/info SSH1 is the implementation of the Secure Shell communication protocol by SSH Communications. SSH1 is version 1 of the protocol specified by IETF draft to protect the integrity of traffic over the network. A problem with the implementation of the...

Bug in SSH1 secure-RPC support can expose users&#39; private keys

Hello all, There is a bug in SSH-1.2.30 involving Secure RPC. The patch for this is available at http://www.ssh.com/patches.html. The explanation and bug was submitted by Richard Silverman [email protected], and his explanation of the bug is below. The SSH1 protocol is not formally supported by SSH...

Weak CRC allows RC4 encrypted SSH1 packets to be modified without notice

Overview There is an information integrity vulnerability in the SSH1 protocol that allows RC4 encrypted packets to be modified without notice. Description Preconditions: Client has requested RC4 and server supports it. Compression is disabled. When using the RC4 stream cipher, SSH1 uses a cyclic...