Security Hole in SSH1 with RSAREF
Read the CERT Advisory carefully, because it's a bit complex. A buffer overrun in the RSAREF2 library, a common implementation of a common crypto algorithm, combines with a buffer overrun in version 1 of sshd to allow unauthorized execution of arbitrary code. PGP is not affected. SSH2 is not affected. All versions of the free SSH1 are affected, but only "when --with-rsaref is explicitly supplied on the command line." (On my system, "ssh -V" tells me whether I compiled in RSAREF, presumably the same for both client and server.)