Vulnerability Note VU#25309
Weak CRC allows RC4 encrypted SSH1 packets to be modified without notice
There is an information integrity vulnerability in the SSH1 protocol that allows RC4 encrypted packets to be modified without notice.
Client has requested RC4 and server supports it.
Because the CRC has been modified to account for the "addition" of M, the CRC integrity check on the victim's SSH client will pass.
Attackers can modify or logically delete arbitrary SSH packets.
SSH Secure Communications recommends disabling RC4 in SSH1 or upgrading to SSH2.
Systems Affected (Learn More)
|Vendor||Status||Date Notified||Date Updated|
|SSH Communications Security||Affected||-||06 Feb 2001|
|OpenSSH||Not Affected||-||29 Oct 2001|
CVSS Metrics (Learn More)
The CERT/CC thanks Antti Huima, Tuomas Aura, and Janne Salmi for their analysis and Tatu Ylonen for bringing this vulnerability to our attention.
This document was written by Jeffrey P. Lanza.
- CVE IDs: Unknown
- Date Public: 18 Jan 2001
- Date First Published: 18 Jan 2001
- Date Last Updated: 05 Mar 2002
- Severity Metric: 0.39
- Document Revision: 23
If you have feedback, comments, or additional information about this vulnerability, please send us email.