1 post • joined 23 May 2009
Late 90's SSH flaw
Hi, I was referring to this attack by CORE in 1998, which allows insertion of data into a session:
The article isn't clear that this wasn't OpenSSH flaw per se, although it certainly was based on the SSH code that later became OpenSSH. It was a flaw in the SSH protocol version 1 itself, not a particular implementation.
Since the attack Albrecht et al are discussing is a protocol problem, it is fair to compare it to other protocol problems SSH has had in the past. It's good they found this problem, and it's good to see the SSH protocol is getting more secure over time.
- Vid Google opens Inbox – email for people too thick to handle email
- RUMPY PUMPY: Bone says humans BONED Neanderthals 50,000 years B.C.
- Pic Forget the $2499 5K iMac – today we reveal Apple's most expensive computer to date
- Geek's Guide to Britain Kingston's aviation empire: From industry firsts to Airfix heroes
- Is your home or office internet gateway one of '1.2 MILLION' wide open to hijacking?