Riverstone Networks Information for VU#389665
Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization
- Vendor Information Help Date Notified: 23 Dec 2002
- Statement Date:
- Date Updated: 02 Jan 2003
Riverstone's implemention of SSH is based on OpenSSH, which is not vulnerable to any of the particular tests that are run by the SSHredder test suite. However, while running the test suite under certain conditions the router can experience a problem causing it to reload.
For more details, please see http://www.riverstonenet.com/support/support_security.shtml and the security advisory at http://www.riverstonenet.com/support/tb0239-9.shtml.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.