Netscreen ssh v.1 vulnerable??
From: Brian G. Kirsch (bkirsch@olosec.com)Date: 05/24/02
- Previous message: Tomás F. Serna: "RV: [NGSEC] ngGame #1 - Web Authentication"
- Next in thread: Vladimir Parkhaev: "Re: Netscreen ssh v.1 vulnerable??"
- Reply: Vladimir Parkhaev: "Re: Netscreen ssh v.1 vulnerable??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Brian G. Kirsch" <bkirsch@olosec.com> To: <pen-test@securityfocus.com> Date: Fri, 24 May 2002 12:12:49 -0700
In testing a Netscreen 5, I noticed that ssh v.1 compatibility is enabled
for remote management. The question is, is Netscreen vulnerable to the
various ssh v.1 vulnerabilities -- specifically the SSH1 CRC-32 compensation
attack detector vulnerability?
Thanks.
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
- Previous message: Tomás F. Serna: "RV: [NGSEC] ngGame #1 - Web Authentication"
- Next in thread: Vladimir Parkhaev: "Re: Netscreen ssh v.1 vulnerable??"
- Reply: Vladimir Parkhaev: "Re: Netscreen ssh v.1 vulnerable??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
