* Exploitation of vulnerability in SSH1 CRC-32 compensation @ 2001-12-14 0:06 Paul G. 2001-12-14 2:57 ` Corinna Vinschen 0 siblings, 1 reply; 3+ messages in thread From: Paul G. @ 2001-12-14 0:06 UTC (permalink / raw) To: cygwin Hi folks, Not sure if this even applies for Cygwin, but thought I'd ask: SSH CRC32 attack detection code contains remote integer overflow Description: http://www.kb.cert.org/vuls/id/945216 Is the version of OpenSSH that is currently in use for Cygwin vulnerable? Paul G. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Exploitation of vulnerability in SSH1 CRC-32 compensation 2001-12-14 0:06 Exploitation of vulnerability in SSH1 CRC-32 compensation Paul G. @ 2001-12-14 2:57 ` Corinna Vinschen 2001-12-14 18:04 ` Paul G. 0 siblings, 1 reply; 3+ messages in thread From: Corinna Vinschen @ 2001-12-14 2:57 UTC (permalink / raw) To: cygwin On Thu, Dec 13, 2001 at 07:46:35PM -0800, Paul G. wrote: > Hi folks, > > Not sure if this even applies for Cygwin, but thought I'd ask: > > SSH CRC32 attack detection code contains remote integer overflow > > Description: http://www.kb.cert.org/vuls/id/945216 > > Is the version of OpenSSH that is currently in use for Cygwin vulnerable? http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/JPLA-53TPWS Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin@cygwin.com Red Hat, Inc. -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Exploitation of vulnerability in SSH1 CRC-32 compensation 2001-12-14 2:57 ` Corinna Vinschen @ 2001-12-14 18:04 ` Paul G. 0 siblings, 0 replies; 3+ messages in thread From: Paul G. @ 2001-12-14 18:04 UTC (permalink / raw) To: cygwin On 14 Dec 2001 at 11:39, Corinna Vinschen wrote: > On Thu, Dec 13, 2001 at 07:46:35PM -0800, Paul G. wrote: > > Hi folks, > > > > Not sure if this even applies for Cygwin, but thought I'd ask: > > > > SSH CRC32 attack detection code contains remote integer overflow > > > > Description: http://www.kb.cert.org/vuls/id/945216 > > > > Is the version of OpenSSH that is currently in use for Cygwin > > vulnerable? > > http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/JPLA-53TPWS Okey-dokey! ;-) (revision dated 12/13 -- ;-)) > > Corinna > > -- > Corinna Vinschen Please, send mails regarding Cygwin > to Cygwin Developer > mailto:cygwin@cygwin.com Red Hat, Inc. > > -- > Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple > Bug reporting: http://cygwin.com/bugs.html > Documentation: http://cygwin.com/docs.html > FAQ: http://cygwin.com/faq/ > > -- Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple Bug reporting: http://cygwin.com/bugs.html Documentation: http://cygwin.com/docs.html FAQ: http://cygwin.com/faq/ ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2001-12-15 1:25 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- 2001-12-14 0:06 Exploitation of vulnerability in SSH1 CRC-32 compensation Paul G. 2001-12-14 2:57 ` Corinna Vinschen 2001-12-14 18:04 ` Paul G.
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).