Bugtraq mailing list archives
Re: Analysis of SSH crc32 compensation attack detector exploit
From: Florian Weimer <Florian.Weimer () RUS Uni-Stuttgart DE>
Date: 19 Nov 2001 14:30:36 +0100
(nobody) writes:
Dave Dittrich <dittrich () cac washington edu> writes:The analysis has been updated to reflect this, and the script modified somewhat. The most recent version can be found at: http://staff.washington.edu/dittrich/misc/ssh-analysis.txt
On some architectures, otherwise vulnerable SSH 1.2.2x versions are not vulnerable because word16 and word32 are the same data type (UNICOS/mk on Cray T3E appears to be in this category, the same is probably true for a few other supercomputers.) -- Florian Weimer Florian.Weimer () RUS Uni-Stuttgart DE University of Stuttgart http://cert.uni-stuttgart.de/ RUS-CERT +49-711-685-5973/fax +49-711-685-5898
Current thread:
- Analysis of SSH crc32 compensation attack detector exploit Dave Dittrich (Nov 09)
- Re: Analysis of SSH crc32 compensation attack detector exploit Dave Dittrich (Nov 14)
- Re: Analysis of SSH crc32 compensation attack detector exploit Florian Weimer (Nov 19)
- Re: Analysis of SSH crc32 compensation attack detector exploit Dave Dittrich (Nov 14)