similar to: OpenSSL ASN.1 vulnerability: sshd not affected

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

We recently upgraded from an older version of SSH to OpenSSH 2.5.1p1 (OpenSSH_2.5.1p1, SSH protocols 1.5/2.0, OpenSSL 0x0090600f) and are having problems on just a few hosts in our environment. The other 200 systems are working fine. Every once in a blue-moon it will connect with version 2. When I try to connect to or from one of these hosts using SSH2 I get the following error (I have sshd -d

Using OpenSSH 2.3.1 client and OpenSSL 0.9.6a When trying to ssh to OpenSSH server of higher versions SSH-1.99-OpenSSH_2.5.2p2 or such, I see error in RSA key exchange: RSA_verify(..)routine. I see: error at:int RSA_verify(int dtype, unsigned char *m, unsigned int m_len, unsigned char *sigbuf, unsigned int siglen, RSA *rsa) { int i,ret=0,sigtype; unsigned char *p,*s;

Host based authentication does not seem to be working for us after upgrading to openssh-3.4p1 (we were at openssh-3.1p1) (openssl is at 0.96d). Any time we try to connect from another unix box also running openssh-3.4p1, we get the following error (on the server side) and host based auth fails (it falls back to password prompt). sshd[15038]: error: ssh_rsa_verify: RSA_verify failed:

Hi all. Im having a bit of a problem. I have about 20 Samba servers all over the country on 256/512 WAN links. We just upgraded our primary NT4 domain to mixed-mode Active Directory on Windows 2003. In addition to that we have a native-mode Active Directory domain on Windows 2003. We were planning on merging a couple of NT4 domains into 1 native mode Active Directory domain, but plans have

Does anyone knows if there is a patch for OpenSSH in order to make it work with 0.9.8r OpenSSL in FIPS Mode ? I'm having problem with the RSA_public_decrypt() function that is failing in FIPS Mode, I changed it to use RSA_verify instead and setting the flag "RSA_FLAG_NON_FIPS_ALLOW", and it's working fine now, but I'm not sure if this is allowed in FIPS Mode, does anyone

Our smallest network has just three systems permanently attached to a 100/1000 router.? There is one additional port available to temporarily plug in a laptop.? The largest systems are both Dells, one running Windows 7 and one running CentOS 6.7.? The Windows 7 system supports three flavors of Linux as virtual machines.? The CentOS system is often used for data file import from USB-attached

This is debugs seen on server, whose keys are not accepted by the client: debug1: Seeding random number generator debug1: sshd version OpenSSH_2.5.2p2 debug1: load_private_key_autodetect: type 0 RSA1 debug1: read SSH2 private key done: name rsa w/o comment success 1 debug1: load_private_key_autodetect: type 1 RSA debug1: read SSH2 private key done: name dsa w/o comment success 1 debug1:

Andrea Barisani a ?crit : > we've tried contacting Jean-Marc Valin but email address bounces. What email address did you use? This email address has always been listed for Speex. > We > published yesterday an advisory about libfishsound, you can find it at the > following URL: > > http://www.ocert.org/advisories/ocert-2008-2.html > > The issues seems to affect

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi, since Icecast <=1.3.12 has been affected by a cross-site scripting vulnerability in the status display (s. <http://securitytracker.com/alerts/2004/Aug/1011046.html> and <http://www.debian.org/security/2004/dsa-541>) it appears to be unclear so far if Icecast 2.x is vulnerable too. Can anyone of you maybe confirm it is affected/not

Hi folks, we've tried contacting Jean-Marc Valin but email address bounces. We published yesterday an advisory about libfishsound, you can find it at the following URL: http://www.ocert.org/advisories/ocert-2008-2.html The issues seems to affect Speex (since the code is the same) versions <= 1.1.12. While the 1.2beta branch is not vulnerable we advise that you fix with a security release

https://bugzilla.mindrot.org/show_bug.cgi?id=2460 Bug ID: 2460 Summary: Non-zero return values are not properly returned from openssh_RSA_verify Product: Portable OpenSSH Version: 7.1p1 Hardware: All OS: All Status: NEW Severity: normal Priority: P5 Component: sshd

We have OpenSSH built against a static version of the OpenSSL library. Do the recent OpenSSL vulnerabilities necessitate a rebuild of OpenSSH? http://www.openssl.org/news/secadv_20030930.txt >From the description of the four bugs, I'm inclined to think not. -- albert chin (china at thewrittenword.com)

Firstly, amazing software, props to all the developers. I'm trying to compile the latest asterisk cvs checkout and keep getting an error which I can't solve, any help would be much appreciated - make[1]: Leaving directory `/usr/src/asterisk/stdtime' if [ -d CVS ] && ! [ -f .version ]; then echo CVS-HEAD-05/17/04-16:45:34 > .version; fi for x in res channels pbx apps

<gloat>Well, that''s me booked in for RailsConf in september :0)</gloat> Who else is going? Steve

Package: logcheck-database Version: 1.2.63 > Apr 28 17:02:39 naam dkim-filter[15536]: 570BA180CE: bad signature data > Apr 28 17:03:20 naam dkim-filter[15536]: A08D2180CE: bad signature data > Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE SSL error:04077068:rsa routines:RSA_verify:bad signature > Apr 28 17:16:40 naam dkim-filter[15536]: BA397180CE: bad signature data > Apr 28

Hi all. Julien Tinnes and Tavis Ormandy from the Google Security Team have recently found a Linux kernel vulnerability which affects all 2.4 and 2.6 kernels since 2001 on all architectures. Please read the announcement on LWM: http://lwn.net/Articles/347006/ for further information about the vulnerability and the exploit which has been provided by Brad Spengler (you will find updates on his

New NUT install dealing with three APC Smart-UPS 5000s, two of which have AP9617 and the third has a AP9619 card. The SNMPv3 configurations on all three are exactly the same. This is confirmed by snmpget calls that work just fine: snmpget -Cf -v3 -u [...] -l authPriv -A '[...]' -X '[...]' -a MD5 -x DES [upsname] .1.3.6.1.4.1.318.1.1.1.1.1.1.0 snmp-ups can query all three

Package: logcheck-database Version: 1.3.8 11 hex digits, and "no" diff -ur logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter --- logcheck-1.3.8.orig/rulefiles/linux/ignore.d.server/dkim-filter 2008-05-22 04:20:58.000000000 -0400 +++ logcheck-1.3.8/rulefiles/linux/ignore.d.server/dkim-filter 2010-05-04

Hi! I am using a 377GB ext3-filesystem with evms, spanned over two disks. This filesystem has worked for more than two years without any problems, it stores around 30.000 images with sizes between 50kb and 200mb. Recently, I noticed that images started to disappear. A fsck.ext3 (which I've unfortunately never run before) revealed a lot of problems, which I repaired. A log is attached. Ext3