exploits , vulnerabilities , articles , OpenSSH CBC Mode Information Disclosure Vulnerability

Title	OpenSSH CBC Mode Information Disclosure Vulnerability
Published	2008-11-14-12:00AM
Updated	2008-11-17-06:04PM
Class	Design Error
CVE
Remote	Yes
Local	No
Credit	Martin Albrecht, Kenny Paterson, and Gaven Watson
Vulnerable	SSH Communications Security Tectia Server for Linux on IBM System z 6.0.4 SSH Communications Security Tectia Server for IBM z/OS 6.0.1 SSH Communications Security Tectia Server for IBM z/OS 6.0 SSH Communications Security Tectia Server for IBM z/OS 5.5.1 SSH Communications Security Tectia Server for IBM z/OS 5.5.1 SSH Communications Security Tectia Server 6.0.4 SSH Communications Security Tectia Server 5.3.8 SSH Communications Security Tectia Server 5.2.4 SSH Communications Security Tectia Server 4.4.11 SSH Communications Security Tectia Server 4.4.6 SSH Communications Security Tectia Server 4.4.5 SSH Communications Security Tectia Server 4.4.4 SSH Communications Security Tectia Server 4.4.3 SSH Communications Security Tectia Server 4.4.2 SSH Communications Security Tectia Server 4.4 SSH Communications Security Tectia ConnectSecure 6.0.4 SSH Communications Security Tectia Connector 5.3.8 SSH Communications Security Tectia Connector 5.2.4 SSH Communications Security Tectia Connector 4.4.11 SSH Communications Security Tectia Client 6.0.4 SSH Communications Security Tectia Client 5.3.8 SSH Communications Security Tectia Client 5.2.4 SSH Communications Security Tectia Client 4.4.11 SSH Communications Security Tectia Client 4.4.6 SSH Communications Security Tectia Client 4.4.5 SSH Communications Security Tectia Client 4.4.4 SSH Communications Security Tectia Client 4.4.3 SSH Communications Security Tectia Client 4.4.2 SSH Communications Security Tectia Client 4.4.1 SSH Communications Security Tectia Client 4.4 SSH Communications Security Tectia Client 4.3.9 k SSH Communications Security Tectia Client 4.3.8 K SSH Communications Security Tectia Client 4.3.2 J SSH Communications Security Tectia Client 4.3.1 J SSH Communications Security Tectia Client 4.3.3J SSH Communications Security Tectia Client 4.3.10K OpenSSH OpenSSH 4.7p1
Not Vulnerable	SSH Communications Security Tectia Server for Linux on IBM System z 6.0.5 SSH Communications Security Tectia Server for IBM z/OS 6.0.2 SSH Communications Security Tectia Server for IBM z/OS 5.5.2 SSH Communications Security Tectia Server for IBM z/OS 5.5.2 SSH Communications Security Tectia Server 6.0.5 SSH Communications Security Tectia Server 5.3.9 SSH Communications Security Tectia Server 5.2.5 SSH Communications Security Tectia Server 4.4.12 SSH Communications Security Tectia ConnectSecure 6.0.5 SSH Communications Security Tectia Client 6.0.5 SSH Communications Security Tectia Client 5.3.9 SSH Communications Security Tectia Client 5.2.5 SSH Communications Security Tectia Client 4.4.12 SSH Communications Security Tectia Client 4.3.4-J
Code	Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

2009-11-30 Power Phlogger Cross-site Scripting Vulnerability
2009-11-30 HP Operations Dashboard Portal Default Manager Account Remote Security Vulnerability
2009-11-30 Robo-FTP Client Server Response Handling Unspecified Remote Buffer Overflow Vulnerability
2009-11-30 DotNetNuke Cross Site Scripting and Information Disclosure Vulnerabilities
2009-11-26 ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
2009-11-26 America Online ICQ ActiveX Control Remote Code Execution Vulnerability
2009-11-26 Novell eDirectory iMonitor HTTPSTK Buffer Overflow Vulnerability
2009-11-25 Mozilla Firefox and SeaMonkey Download Filename Spoofing Vulnerability
2009-11-25 XM Easy Personal FTP Server File/Folder Remote Denial of Service Vulnerability
2009-11-25 Subscribe to Comments Prior to 2.1 Multiple Unspecified Cross Site Scripting Vulnerabilities