Exploitation of vulnerability in SSH1 CRC-32 compensation

Paul G. pgarceau@qwest.net
Fri Dec 14 18:04:00 GMT 2001



On 14 Dec 2001 at 11:39, Corinna Vinschen wrote:

> On Thu, Dec 13, 2001 at 07:46:35PM -0800, Paul G. wrote:
> > Hi folks, 
> > 
> > 	Not sure if this even applies for Cygwin, but thought I'd ask: 
> > 
> > 	SSH CRC32 attack detection code contains remote integer overflow 
> > 
> > 	Description:  http://www.kb.cert.org/vuls/id/945216 
> > 
> > 	Is the version of OpenSSH that is currently in use for Cygwin
> > vulnerable? 
> 
> http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/JPLA-53TPWS

	Okey-dokey!  ;-)  (revision dated 12/13 -- ;-))
> 
> Corinna
> 
> -- 
> Corinna Vinschen                  Please, send mails regarding Cygwin
> to Cygwin Developer                               
> mailto:cygwin@cygwin.com Red Hat, Inc.
> 
> --
> Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
> Bug reporting:         http://cygwin.com/bugs.html
> Documentation:         http://cygwin.com/docs.html
> FAQ:                   http://cygwin.com/faq/
> 
> 



--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Bug reporting:         http://cygwin.com/bugs.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/



More information about the Cygwin mailing list