2 results (0.001 seconds)

CVSS: 2.6EPSS: 61%CPEs: 167EXPL: 0

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors. Error en el manejo del protocolo SSH en (1) SSH Tectia Client y Server y Connector 4v.0 a la v4.4.11, v5.0 a la v5.2.4, y v5.3 a la v5.3.8; Client y Server y ConnectSecure v6.0 a la v6.0.4; Server para Linux sobre IBM System z v6.0.4; Server para IBM z/OS v5.5.1 y anteriores, v6.0.0, y v6.0.1; y Client v4.0-J a la v4.3.3-J y v4.0-K a la v4.3.10-K; y (2) OpenSSH v4.7p1 y posiblemente otras versiones, cuando usan un algoritmo de bloque cifrado en el modo Cipher Block Chaining (CBC), facilita a los atacantes remotos el conseguir cierta información en texto plano desde cualquier bloque de texto cifrado de su elección en una sessión SSH mediante vectores de ataque desconocidos. • http://isc.sans.org/diary.html?storyid=5366 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html http://marc.info/?l=bugtraq&m=125017764422557&w=2 http://openssh.org/txt/cbc.adv http://osvdb.org/49872 http://osvdb.org/50035 http://osvdb.org/50036 http://rhn.redhat.com/errata/RHSA-2009-1287.html http://secunia.com/advisories/32740 http://secunia.com/advisories/32760 http:/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 2%CPEs: 4EXPL: 0

SSH Tectia Client/Server/Connector 5.1.0 and earlier, Manager 2.2.0 and earlier, and other products, when using an RSA key with exponent 3, removes PKCS-1 padding before generating a hash, which allows remote attackers to forge a PKCS #1 v1.5 signature that is signed by that RSA key and prevents Tectia from correctly verifying X.509 and other certificates that use PKCS #1, a similar issue to CVE-2006-4339. SSH Tectia Client/Server/Connector 5.1.0 y anteriores, Manager 2.2.0 y anteriores, y otros productos, al usar una clave RSA con exponente 3, borra el relleno PKCS-1 antes de generar un hash, lo cual permite a atacantes remotos forjar una firma PKCS #1 v1.5 que es firmada por esa clave RSA y evita que Tectia verifique correctamente certificados X.509 y otros certificados que usan PKCS #1, un asunto similar a CVE-2006-4339. • http://secunia.com/advisories/22350 http://securitytracker.com/id?1017060 http://securitytracker.com/id?1017061 http://www.kb.cert.org/vuls/id/845620 http://www.ssh.com/company/news/2006/english/security/article/786 http://www.vupen.com/english/advisories/2006/4032 •