Linux Today: Linux News On Internet Time.

More on LinuxToday

OpenSSH Flaw Exposes Linux Servers to Roaming Risk

Jan 14, 2016, 19:39 (0 Talkback[s])
(Other stories by Sean Michael Kerner)

The OpenSSH client code between 5.4 and 7.1 contains experimental support for resuming SSH-connections (roaming)," the OpenSSH project advisory on the update states. "The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server, including private client user keys."

Security firm Qualys first reported the roaming vulnerability to the OpenSSH project and has identified the flaw as CVE-2016-0777.

Complete Story

Related Stories: