Penetration Testing mailing list archives

Netscreen ssh v.1 vulnerable??

From: "Brian G. Kirsch" <bkirsch () olosec com>
Date: Fri, 24 May 2002 12:12:49 -0700

In testing a Netscreen 5, I noticed that ssh v.1 compatibility is enabled
for remote management.  The question is, is Netscreen vulnerable to the
various ssh v.1 vulnerabilities -- specifically the SSH1 CRC-32 compensation
attack detector vulnerability?

Thanks.


----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/

Current thread:

Netscreen ssh v.1 vulnerable?? Brian G. Kirsch (May 24)
- Re: Netscreen ssh v.1 vulnerable?? Vladimir Parkhaev (May 25)