Exploitation of vulnerability in SSH1 CRC-32 compensation
Corinna Vinschen
cygwin@cygwin.com
Fri Dec 14 02:57:00 GMT 2001
On Thu, Dec 13, 2001 at 07:46:35PM -0800, Paul G. wrote:
> Hi folks,
>
> Not sure if this even applies for Cygwin, but thought I'd ask:
>
> SSH CRC32 attack detection code contains remote integer overflow
>
> Description: http://www.kb.cert.org/vuls/id/945216
>
> Is the version of OpenSSH that is currently in use for Cygwin vulnerable?
http://www.kb.cert.org/CERT_WEB/vul-notes.nsf/id/JPLA-53TPWS
Corinna
--
Corinna Vinschen Please, send mails regarding Cygwin to
Cygwin Developer mailto:cygwin@cygwin.com
Red Hat, Inc.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/
More information about the Cygwin
mailing list