This is the mail archive of the
cygwin@cygwin.com
mailing list for the Cygwin project.
Exploitation of vulnerability in SSH1 CRC-32 compensation
- From: "Paul G." <pgarceau at qwest dot net>
- To: cygwin at cygwin dot com
- Date: Thu, 13 Dec 2001 19:46:35 -0800
- Subject: Exploitation of vulnerability in SSH1 CRC-32 compensation
- Organization: Paul G.
- Reply-to: pgarceau at qwest dot net
Hi folks,
Not sure if this even applies for Cygwin, but thought I'd ask:
SSH CRC32 attack detection code contains remote integer overflow
Description: http://www.kb.cert.org/vuls/id/945216
Is the version of OpenSSH that is currently in use for Cygwin vulnerable?
Paul G.
--
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html
Documentation: http://cygwin.com/docs.html
FAQ: http://cygwin.com/faq/