Lc.DB — the Linux.com Article Museum
Home:: Authors:: Categories:: Staff:: All Articles Powered by GNU/Linux
Originally published: Wednesday, 15 December 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1   [Standard view]

sshd1 allows server to use unencrypted sessions.

[BugTraq]: "While working on OpenSSH I discovered the following defect in ssh-1.2.27, OpenSSH and other related implementations of SSH1: A malicious ssh-client can force a server to use the so called cipher "none" even if the server-policy does not permit this."

(this article had no body text)

Originally published on Linux.com. Released under the Open Content License unless otherwise stated. Notify Gareth Watts of any errors or copyright violations.