exploits , vulnerabilities , articles , OpenSSH CBC Mode Information Disclosure Vulnerability

Title	OpenSSH CBC Mode Information Disclosure Vulnerability
Published	2008-11-14-12:00AM
Updated	2008-11-17-06:04PM
Class	Design Error
CVE
Remote	Yes
Local	No
Credit	Martin Albrecht, Kenny Paterson, and Gaven Watson
Vulnerable	SSH Communications Security Tectia Server for Linux on IBM System z 6.0.4 SSH Communications Security Tectia Server for IBM z/OS 6.0.1 SSH Communications Security Tectia Server for IBM z/OS 6.0 SSH Communications Security Tectia Server for IBM z/OS 5.5.1 SSH Communications Security Tectia Server for IBM z/OS 5.5.1 SSH Communications Security Tectia Server 6.0.4 SSH Communications Security Tectia Server 5.3.8 SSH Communications Security Tectia Server 5.2.4 SSH Communications Security Tectia Server 4.4.11 SSH Communications Security Tectia Server 4.4.6 SSH Communications Security Tectia Server 4.4.5 SSH Communications Security Tectia Server 4.4.4 SSH Communications Security Tectia Server 4.4.3 SSH Communications Security Tectia Server 4.4.2 SSH Communications Security Tectia Server 4.4 SSH Communications Security Tectia ConnectSecure 6.0.4 SSH Communications Security Tectia Connector 5.3.8 SSH Communications Security Tectia Connector 5.2.4 SSH Communications Security Tectia Connector 4.4.11 SSH Communications Security Tectia Client 6.0.4 SSH Communications Security Tectia Client 5.3.8 SSH Communications Security Tectia Client 5.2.4 SSH Communications Security Tectia Client 4.4.11 SSH Communications Security Tectia Client 4.4.6 SSH Communications Security Tectia Client 4.4.5 SSH Communications Security Tectia Client 4.4.4 SSH Communications Security Tectia Client 4.4.3 SSH Communications Security Tectia Client 4.4.2 SSH Communications Security Tectia Client 4.4.1 SSH Communications Security Tectia Client 4.4 SSH Communications Security Tectia Client 4.3.9 k SSH Communications Security Tectia Client 4.3.8 K SSH Communications Security Tectia Client 4.3.2 J SSH Communications Security Tectia Client 4.3.1 J SSH Communications Security Tectia Client 4.3.3J SSH Communications Security Tectia Client 4.3.10K OpenSSH OpenSSH 4.7p1
Not Vulnerable	SSH Communications Security Tectia Server for Linux on IBM System z 6.0.5 SSH Communications Security Tectia Server for IBM z/OS 6.0.2 SSH Communications Security Tectia Server for IBM z/OS 5.5.2 SSH Communications Security Tectia Server for IBM z/OS 5.5.2 SSH Communications Security Tectia Server 6.0.5 SSH Communications Security Tectia Server 5.3.9 SSH Communications Security Tectia Server 5.2.5 SSH Communications Security Tectia Server 4.4.12 SSH Communications Security Tectia ConnectSecure 6.0.5 SSH Communications Security Tectia Client 6.0.5 SSH Communications Security Tectia Client 5.3.9 SSH Communications Security Tectia Client 5.2.5 SSH Communications Security Tectia Client 4.4.12 SSH Communications Security Tectia Client 4.3.4-J
Code	Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: content@securitydot.net.
TXT

Vulnerabilities - newest 10 RSS | More

2009-11-06 Google Chrome prior to 3.0.195.32 Multiple Security Vulnerabilities
2009-11-05 Asterisk SIP Response Username Enumeration Remote Information Disclosure Vulnerability
2009-11-05 Pablo Software Solutions Baby Web Server Multiple Request Remote Denial of Service Vulnerability
2009-11-05 Linux Kernel r128 Driver CCE Initialization NULL Pointer Dereference Denial of Service Vulnerability
2009-11-05 Prototype JavaScript Framework Cross-Site Ajax Request Vulnerability
2009-11-05 Drupal Organic Groups Vocabulary Group Title HTML Injection Vulnerability
2009-11-05 IBM PowerHA Cluster Management Unauthorized Access Vulnerability
2009-11-05 HP Power Manager Unspecified Remote Code Execution Vulnerability
2009-11-05 Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
2009-11-04 Roundcube Webmail index.PHP Cross-Site Scripting Vulnerability