Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote malicious user to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd openssh 1.2.3 |
||
ssh ssh |
||
openbsd openssh 2.1 |
||
openbsd openssh 2.1.1 |