There is an information integrity vulnerability in the SSH1 protocol that allows packets encrypted with a block cipher to be modified without notice.
Attacker has a fragment of plaintext and its corresponding ciphertext.
An attacker can modify arbitrary packets within an encrypted SSH session.
Apply a patch from your vendor
This vulnerability was first published by CORE-SDI on June 11, 1998.
This document was written by Jeffrey P. Lanza.
|Date First Published:||2001-11-07|
|Date Last Updated:||2003-05-20 00:25 UTC|