search for: groenvall

...aemon installations (F-SECURE, OpenSSH, SSH from ssh.com, OSSH). Tested against: ** Vulnerable: SSH 1.2.x (ssh.com) -- all recent releases F-SECURE SSH 1.3.x -- all recent releases OpenSSH prior to 2.3.0 (unless SSH protocol 1 support is disabled) OSSH 1.5.7 (by Bjoern Groenvall) and other ssh1/OpenSSH derived daemons ** Not vulnerable: SSH2 (ssh.com): all 2.x releases NOTE: SSH2 installations with SSH1 fallback support are vulnerable OpenSSH 2.3.0 (problem fixed) SSH1 releases prior to 1.2.24 (vulnerable to crc attacks) Cisco SSH...

...ult: + fatal("key_fingerprint_ex: bad digest representation %d",dgst_representation); + break; + } + + memset(dgst_raw, 0, dgst_raw_len); + xfree(dgst_raw); + + return retval; +} + /* * Generate key fingerprint in ascii format. * Based on ideas and code from Bjoern Groenvall <bg at sics.se> --- ./openssh-2.5.1/ssh-keygen_original.c Sun Mar 4 00:49:31 2001 +++ ./openssh-2.5.1/ssh-keygen.c Sun Mar 4 00:52:56 2001 @@ -346,9 +346,22 @@ debug("try_load_public_key KEY_UNSPEC failed"); } if (success) { + + char *digest_sha1, *digest_bubblebabble; +...

...wrong modulus length. markus and me. - [serverloop.c] bugfix: check for space if child has terminated, from: iedowse at maths.tcd.ie - [ssh-add.1 ssh-add.c ssh-keygen.1 ssh-keygen.c sshconnect.c] [fingerprint.c fingerprint.h] rsa key fingerprints, idea from Bjoern Groenvall <bg at sics.se> - [ssh-agent.1] typo - [ssh.1] add OpenSSH information to AUTHOR section. okay markus@ - [sshd.c] force logging to stderr while loading private key file (lost while converting to new log-levels) 19991116 - Fix some Linux libc5 problems reported by Miles W...

...rable. LSH does not support SSH protocol 1. JavaSSH Not vulnerable. The Java Telnet/SSH Applet (http://www.mud.de/se/jta/) does not include CRC attack detection. A security note regarding Java SSH plugin can be found on: http://www.mud.de/se/jta/doc/plugins/SSH.html OSSH (by Bjoern Groenvall) OSSH 1.5.7 and below is vulnerable. The problem has been fixed in version 1.5.8 Cisco SSH Cisco SSH does not appear to be vulnerable. Solution/Vendor Information/Workaround: The patch included should be applied to the file deattack.c from the ssh-1.2.31 (and below) source distribution....

Dear SSH community, It has been brought to my attention that is has been disputed whether the term "SSH" can be used freely as a term to describe implementations compatible with the "SSH" protocols, due to trademark issues. In particular, the owner of the "SSH" trademark argues that implementations compatible with the "SSH" protocols shall no longer be