Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
      • Vulnerability archives
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
  • Research
Home > Products and services > InfoSec vulnerability disclosures > Vulnerability in SSH

InfoSec vulnerability disclosures

Vulnerability in SSH

ID: 3716
Ref: CPNI-957037
Date: 14th November 2008
Version: 2.0
Title: Vulnerability in SSH
Abstract:

Vulnerability found in the network protocol SSH (Secure Shell), that allows data to be exchanged using a secure channel between two networked devices. A design flaw in the SSH specification allows an attacker with control over the network to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration.


Applications affected: Windows; Linux; Unix;
Document link: Vulnerability in SSH
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |