Computer Cops - Researchers Warn of Serious SSH Flaws

New User? Need help? Click here to register for free! Registering removes the advertisements.

	Donations

	If you found this site helpful, please donate to help keep it online Don't want to use PayPal? Try our physical address

	Prime Choice

	· Head Lines · Advisories (All) · Dnld of the Week! · CCSP News Ltrs · Find a Cure! · Ian T's (AR 23) · Marcia's (CO8) · Bill G's (CO11) · Paul's (AR 5) · Robin's (AR 2) · Ian T's Archive · Marcia's Archive · Bill G's Archive · Paul's Archive · Robin's Archive

	Security Central

	· Home · Wireless · Bookmarks · CLSID · Columbia · Community · Downloads · Encyclopedia · Feedback (send) · Forums · Gallery · Giveaways · HijackThis · Journal · Members List · My Downloads · PremChat · Premium · Private Messages · Proxomitron · Quizz · RegChat · Reviews · Google Search · Sections · Software · Statistics · Stories Archive · Submit News · Surveys · Top · Topics · Web Links · Your Account

	CCSP Toolkit

	· Email Virus Scan · UDP Port Scanner · TCP Port Scanner · Trojan TCP Scan · Reveal Your IP · Algorithms · Whois · nmap port scanner · IPs Banned [?]

Survey

How much can you give to keep Computer Cops online?

	$10 up to $25 per year?
	$25 up to $50 per year?
	$10 up to $25 per month?
	$25 up to $50 per month?
	More than $50 per year?
	More than $50 per month?
	One time only?
	Other (please comment)

Results
Polls

Votes: 989
Comments: 20

Translate

prot: Vulnerabilities: Researchers Warn of Serious SSH Flaws

Security researchers have discovered a set of vulnerabilities in several vendors' implementations of the SSHv2 protocol that could give an attacker the ability to execute code on remote machines. The new flaws are especially dangerous in that they occur before authentication takes place.

The SSH (secure shell) protocol is a transport layer protocol that enables clients to connect securely to a remote server. It's often used for remote administration purposes.

Although the results of exploiting one of these vulnerabilities varies by vendor and vulnerability, attackers could, in some cases, run code on remote machines or launch denial-of-service attacks. Rapid 7 Inc., the New York-based security company that found the vulnerabilities, only tested SSHv2 implementations but said that some SSHv1 implementations may be vulnerable as well.

eWeek

Posted on Wednesday, 18 December 2002 @ 00:00:00 EST by Paul

	Login

	Nickname Password · New User? · Click here to create a registered account.

	Related Links

	· TrackBack (0) · HotScripts · W3 Consortium · TCP/IP Protocol Suite · More about Protocols · News by Paul Most read story about Protocols: Free Online Port Scanning Utilities

	Article Rating

	Average Score: 0 Votes: 0 Please take a second and vote for this article:

	Options

	Printer Friendly Page

"Login" | Login/Create an Account | 0 comments

Threshold

The comments are owned by the poster. We aren't responsible for their content.

No Comments Allowed for Anonymous, please register


	Home · Topics · Submit News · Top 10 This entire site, Cops Themes, and Computer Cops are © 2002 - 2004 Computer Cops, LLC. All rights reserved. You can syndicate our news using the file RSS 0.91, ultramode.txt, or RSS 1.0. Acceptable Use Policy. Use signifies your agreement. Engine Copyright © 2002 by PHP-Nuke, GNU/GPL Licensed. ICRA Member. Paul Laudanski, Member of Computer Cops, LLC Server Load: 708 pages served in previous 5 minutes. Page Rendered: 0.202 seconds.