Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


OpenSSH chink bares encrypted data packets

May 19, 2009, 18:02 (4 Talkback[s])
(Other stories by Dan Goodin)

"All programs that incorporate the OpenSSH implementation of SSH, short for Secure Shell, should make sure they use version 5.2, which provides several countermeasures to prevent the attacks. Other SSH implementations may be vulnerable as well, the researchers from the Information Security Group at the University of London's Royal Holloway said.

"The attack exploits subtle differences in the way SSH software reacts when encountering errors during cryptographic processing. By directing specially manipulated packets at the application, an attacker has a one in 262,144 chance of recovering 32 bits of plaintext from an arbitrary chunk of ciphertext."

Complete Story

Related Stories: