|
Secure shell (SSH) protocol implementations from several vendors are subject to a number of potentially serious security flaws, security clearing house CERT warned earlier this week. Read further down the noticeand you'll see that most major system vendors - and OpenSSH - are immune, but there's some work ahead for users of SSH implementations for Pragma Systems, F-Secure and others. The flaws (such as they are) could allow a remote attacker to execute arbitrary code with the privileges of a particular SSH process or cause systems to crash. The vulnerabilities affect SSH clients and servers, and they occur before user authentication takes place. The vulnerabilities, including ever-popular buffer overflow bugs, in several SSH implementations came to light after tests using a suite called SSHredder
|
Linear Mode
