Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
References
Link Providers
http://isc.sans.org/diary.html?storyid=5366 cve-icon cve-icon
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 cve-icon cve-icon
http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html cve-icon cve-icon
http://marc.info/?l=bugtraq&m=125017764422557&w=2 cve-icon cve-icon
http://openssh.org/txt/cbc.adv cve-icon cve-icon
http://osvdb.org/49872 cve-icon cve-icon
http://osvdb.org/50035 cve-icon cve-icon
http://osvdb.org/50036 cve-icon cve-icon
http://rhn.redhat.com/errata/RHSA-2009-1287.html cve-icon cve-icon
http://secunia.com/advisories/32740 cve-icon cve-icon
http://secunia.com/advisories/32760 cve-icon cve-icon
http://secunia.com/advisories/32833 cve-icon cve-icon
http://secunia.com/advisories/33121 cve-icon cve-icon
http://secunia.com/advisories/33308 cve-icon cve-icon
http://secunia.com/advisories/34857 cve-icon cve-icon
http://secunia.com/advisories/36558 cve-icon cve-icon
http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1 cve-icon cve-icon
http://support.apple.com/kb/HT3937 cve-icon cve-icon
http://support.attachmate.com/techdocs/2398.html cve-icon cve-icon
http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm cve-icon cve-icon
http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt cve-icon cve-icon
http://www.kb.cert.org/vuls/id/958563 cve-icon cve-icon
http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html cve-icon cve-icon
http://www.securityfocus.com/archive/1/498558/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/archive/1/498579/100/0/threaded cve-icon cve-icon
http://www.securityfocus.com/bid/32319 cve-icon cve-icon
http://www.securitytracker.com/id?1021235 cve-icon cve-icon
http://www.securitytracker.com/id?1021236 cve-icon cve-icon
http://www.securitytracker.com/id?1021382 cve-icon cve-icon
http://www.ssh.com/company/news/article/953/ cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/3172 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/3173 cve-icon cve-icon
http://www.vupen.com/english/advisories/2008/3409 cve-icon cve-icon
http://www.vupen.com/english/advisories/2009/1135 cve-icon cve-icon
http://www.vupen.com/english/advisories/2009/3184 cve-icon cve-icon
https://exchange.xforce.ibmcloud.com/vulnerabilities/46620 cve-icon cve-icon
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10106 cve-icon cve-icon
https://kc.mcafee.com/corporate/index?page=content&id=SB10163 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2008-5161 cve-icon
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2008-5161 cve-icon
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2008-11-19T17:00:00

Updated: 2024-08-07T10:40:17.282Z

Reserved: 2008-11-19T00:00:00

Link: CVE-2008-5161

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2008-11-19T17:30:00.670

Modified: 2024-11-21T00:53:25.890

Link: CVE-2008-5161

cve-icon Redhat

Severity : Low

Publid Date: 2008-11-19T00:00:00Z

Links: CVE-2008-5161 - Bugzilla