Notified: November 07, 2008 Updated: January 12, 2009
VShell® version 3.5.1 and earlier, SecureCRT® version 6.1.2 and earlier, SecureFX® version 6.1.2 and earlier, and VanDyke ClientPack 6.1.2 and earlier are potentially vulnerable to this attack.
The advisory recommends using the AES cipher in CTR mode rather than CBC mode. VShell for some platforms, SecureCRT, SecureFX, and the VanDyke ClientPack for some platforms now prefer the AES cipher in CTR mode by default. Please see the following web page for more information. http://www.vandyke.com/support/advisory/2008/12/cpni-957037.html