This is the mail archive of the
mailing list for the Cygwin project.
Exploitation of vulnerability in SSH1 CRC-32 compensation
- From: "Paul G." <pgarceau at qwest dot net>
- To: cygwin at cygwin dot com
- Date: Thu, 13 Dec 2001 19:46:35 -0800
- Subject: Exploitation of vulnerability in SSH1 CRC-32 compensation
- Organization: Paul G.
- Reply-to: pgarceau at qwest dot net
Not sure if this even applies for Cygwin, but thought I'd ask:
SSH CRC32 attack detection code contains remote integer overflow
Is the version of OpenSSH that is currently in use for Cygwin vulnerable?
Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
Bug reporting: http://cygwin.com/bugs.html