Alimo20 writes "Researchers at the Royal Holloway, University of London have discovered a flaw in Version 4.7 of OpenSSH on Debian/GNU Linux. According to ISG lead instructor Kenny Patterson, an attacker has a 2^{-18} (that is, one in 262,144) chance of success. Patterson says that this is more significant than past discoveries because 'This is a design flaw in OpenSSH. The other vulnerabilities have been more about coding errors.' The vulnerability is [...] by a man-in-the-middle intercepting blocks of encrypted stuff as it passes. The attacker then re-transmits the data back to the server and counts the number of bytes before the server throws error messages and disconnects the attacker. Using this information, the attacker can work backwards to figure out the first 4 bytes of data before encryption. 'The attack relies on flaws in the RFC (Request for Comments) Internet standards that define SSH,' said Patterson. ... Patterson said that he did not believe this flaw had been exploited in the wild, and that to deduce a message of perceivable length could take days."
Read more of this story at Slashdot.


















