Full Disclosure mailing list archives
Re: OpenSSH Security Advisory: gcmrekey.adv
From: yersinia <yersinia.spiros () gmail com>
Date: Sat, 9 Nov 2013 09:59:06 +0100
On Fri, Nov 8, 2013 at 7:47 PM, coderman <coderman () gmail com> wrote:
surprised not a peep about this one here yet,... hmmm a fun one ;) we are accustomed to old software adding risk; new (secondary effects of combined AUTH+ENC modes) also carries risk!
Well know possibility, yes. In any case the problem is well know everywhere already https://security-tracker.debian.org/tracker/CVE-2013-4548 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4548 Best _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- OpenSSH Security Advisory: gcmrekey.adv coderman (Nov 08)
- Re: OpenSSH Security Advisory: gcmrekey.adv yersinia (Nov 09)
- Re: OpenSSH Security Advisory: gcmrekey.adv CERT OPS Marienfeldt (Nov 09)
- Re: OpenSSH Security Advisory: gcmrekey.adv coderman (Nov 08)
- <Possible follow-ups>
- Re: OpenSSH Security Advisory: gcmrekey.adv Harry Hoffman (Nov 08)
- Re: OpenSSH Security Advisory: gcmrekey.adv Bob Man Van Kim (Nov 09)
- Re: OpenSSH Security Advisory: gcmrekey.adv coderman (Nov 09)
- Re: OpenSSH Security Advisory: gcmrekey.adv Bob Man Van Kim (Nov 09)