Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 19 Mar 2001 07:24:16 +0300
From: Solar Designer <>
Subject: OW-003-ssh-traffic-analysis


We (me and Dug Song) have just published a security advisory entitled
Passive Analysis of SSH (Secure Shell) Traffic.  This advisory
demonstrates several weaknesses in implementations of SSH (Secure
Shell) protocols.  When exploited, they let the attacker obtain
sensitive information by passively monitoring encrypted SSH sessions.
Fix information, patches to reduce the impact of traffic analysis,
and a tool to demonstrate the attacks are provided.

The advisory is available at:

and should appear on Bugtraq shortly.


Powered by blists - more mailing lists

Your e-mail address:

Powered by Openwall GNU/*/Linux - Powered by OpenVZ