Displaying 20 results from an estimated 300 matches similar to: "OpenSSH security advisory: cbc.adv"
2008 Nov 21
3
OpenSSH security advisory: cbc.adv
OpenSSH Security Advisory: cbc.adv
Regarding the "Plaintext Recovery Attack Against SSH" reported as
CPNI-957037[1]:
The OpenSSH team has been made aware of an attack against the SSH
protocol version 2 by researchers at the University of London.
Unfortunately, due to the report lacking any detailed technical
description of the attack and CPNI's unwillingness to share necessary
2015 Jun 15
5
OpenSSH and CBC
Hello,
I saw that OpenSSH release 6.7 removed all CBC ciphers by default. Is
CBC therefore considered as broken and unsecure (in general or SSH
implementation)?
I also read a lot of references (see below) but still not clear to me
what's the actual "security status" of CBC and why it has been removed
in general.
http://www.openssh.com/txt/release-6.7
sshd(8): The default set
2002 Jun 22
1
Provably Fixing the SSH Binary Packet Protocol
Hey,
Are there any plans in applying the changes suggested in "Provably Fixing
the SSH Binary Packet Protocol" by Mihir Bellare, Tadayoshi Kohno and
Chanathip Namprempre.
http://eprint.iacr.org/2002/078/
I guess this would require a new protocol specification and maybe the
task of the IETF Secure Shell Working Group.
Dries
--
Dries Schellekens
email: gwyllion at ulyssis.org
2009 Feb 23
0
Announce: OpenSSH 5.2 released
OpenSSH 5.2 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
We have also recently completed another Internet SSH usage scan, the
results of which may be found at http://www.openssh.com/usage.html
Once again, we
2009 Feb 23
0
Announce: OpenSSH 5.2 released
OpenSSH 5.2 has just been released. It will be available from the
mirrors listed at http://www.openssh.com/ shortly.
OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0
implementation and includes sftp client and server support.
We have also recently completed another Internet SSH usage scan, the
results of which may be found at http://www.openssh.com/usage.html
Once again, we
2009 Feb 18
0
FW: Call for testing: openssh-5.2
Whoops -- sent to wrong address...
Mandriva 2008.1 openssh-SNAP-20090218 passes all tests.
> -----Original Message-----
> From: Scott Neugroschl
> Sent: Tuesday, February 17, 2009 10:06 AM
> To: Damien Miller
> Subject: RE: Call for testing: openssh-5.2
>
> Mandriva 2008.1 -- openssh-SNAP-20090218 passes
>
>
> -----Original Message-----
> From:
2009 Jul 07
2
Does anyone know anything about this "0-day" ssh vulnerability?
Hi all. I've looked at the archives and it seems to be quiet regarding
this supposed "0-day" openssh vulnerability and I'm wondering if anyone
here may have some insight or further information regarding it.
We've been monitoring things and the amount of speculative info flying
around is incredible. Some claim it's the CPNI-957037 issue, thus
affecting <5.2, others
2009 Feb 16
9
Call for testing: openssh-5.2
Hi,
OpenSSH 5.2 is almost ready for release, so we would appreciate testing
on as many platforms and systems as possible. This is primarily a bug-fix
release, to follow the feature-focused 5.1 release.
Snapshot releases for portable OpenSSH are available from
http://www.mindrot.org/openssh_snap/
The OpenBSD version is available in CVS HEAD:
http://www.openbsd.org/anoncvs.html
Portable
2008 Nov 23
0
Revised: OpenSSH security advisory: cbc.adv
Hi,
There was an error in the original advisory. The estimate of 32768
attempts to carry out a successful attack is incorrect. The correct
estimate is 11356 attempts. A revised version is now available at:
http://www.openssh.com/txt/cbc.adv
The advisory and its recommendations are otherwise unchanged.
-d
2008 Nov 23
0
Revised: OpenSSH security advisory: cbc.adv
Hi,
There was an error in the original advisory. The estimate of 32768
attempts to carry out a successful attack is incorrect. The correct
estimate is 11356 attempts. A revised version is now available at:
http://www.openssh.com/txt/cbc.adv
The advisory and its recommendations are otherwise unchanged.
-d
2002 Feb 06
1
Accesing glm results
Hi,
I want to generate sdome vectors with results from glm(), for later
processing. How can I extract the t values and the associated p values? I
suppose something starting with summary(g)$...
Thanks
iago
---
Bellare semper illicitum est
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
r-help mailing list -- Read http://www.ci.tuwien.ac.at/~hornik/R/R-FAQ.html
2008 Nov 18
0
Alleged OpenSSH vulnerability
Hi,There is an alleged OpenSSH vulnerability, see http://www.cpni.gov.uk/Products/alerts/3718.aspx.According to this vulnerability an attacker can potentially recover 32 bits of plaintext from an arbitrary block of ciphertext.
After having read the vulnerability note in more detail, my understanding is that the 32 bits of plaintext do not come from the exchange between the client and server of the
2007 Jul 12
0
FreeBSD Security Advisory FreeBSD-SA-07:05.libarchive
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:05.libarchive Security Advisory
The FreeBSD Project
Topic: Errors handling corrupt tar files in libarchive(3)
Category: core
Module: libarchive
2007 Jul 12
0
FreeBSD Security Advisory FreeBSD-SA-07:05.libarchive
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:05.libarchive Security Advisory
The FreeBSD Project
Topic: Errors handling corrupt tar files in libarchive(3)
Category: core
Module: libarchive
2013 Feb 19
1
Dovecot auth works when tested with doveadm, but fails with Postfix
I have three postfix 2.9.5 servers: chombo, rush, yoshi. Chombo relays
to rush and yoshi for outbound email. Outbound relay requires SASL
authentication. Rush and yoshi run Dovecot 2.1.12 servers with simple
passwd-file backends.
If I create a new password hash for chombo's user, houseloki, on either
rush or yoshi:
# doveadm pw -u houseloki -p <password>
{CRAM-MD5}...
Then I
2007 Oct 29
0
aes cbc pad added to kernel software provider
Author: Anthony Scarpino <Anthony.Scarpino at Sun.COM>
Repository: /hg/zfs-crypto/zfs-crypto-gate
Latest revision: 8f164ec4380058ccbc31e7c8ab05c85d0c3d85c5
Total changesets: 1
Log message:
aes cbc pad added to kernel software provider
Files:
update: usr/src/common/crypto/aes/aes_cbc_crypt.c
update: usr/src/common/crypto/aes/aes_cbc_crypt.h
update: usr/src/uts/common/crypto/io/aes.c
2015 Jun 16
2
OpenSSH and CBC
Hi Gerhard,
This is not exactly true. CTR modes have the length field encrypted. etm
MAC modes and AES-GCM have the length field in cleartext.
CBC is dangerous because the length field is encrypted with CBC.
aes128-ctr + hmac-sha256 doesn't have any known vulnerability and
encrypts the packet length, but uses the bad practice of e&m.
chacha20-poly1305 encrypts both payload and packet
2013 Jul 30
1
fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]
Am I the only person to be seeing this log message from sshd:
fatal: cipher_init: EVP_CipherInit: set key failed for aes128-cbc [preauth]
?
(security/openssh-portable, with HPN patches and MIT Kerberos,
although Kerberos is not actually configured on this server.) A
work-around is to disable aes128-cbc in sshd_config, but it would be
nice not to have my logs spammed with this. Currently
2008 Jun 06
1
Need help with Decryption using blowfish CBC
Hello all,
Hoping someone can help me out here. I''ve burned almost a week trying
to figure out how to decrypt
an image file that has been encrypted using Blowfish CBC.
I found some code on the net and have modified as follows:
require ''openssl''
require ''digest/sha1''
ivArr = [0x0D,
0x0E,
0x0A,
0x0D,
0x0F,
0x0A,
0x0C,
0x0E
]
2010 Jun 14
3
Design of experiments for Choice-Based Conjoint Analysis (CBC)
Hello,
I would like to know if there is any function in R which allows to make
designs of experiments for Choice-Based Conjoint studies ?
I have already checked the topic on " design of experiments with R " and
looked at the different libraries.
I tried to make my design with the "optFedorov" function but I haven't found
how it can allow to have balanced design (with the