-----BEGIN PGP SIGNED MESSAGE-----
- -------------------------------------------------------------------------------
CORE SDI S.A.
Buenos Aires, Argentina
<http://www.core-sdi.com>
Update on SSH insertion attack
July 3rd, 1998
- -------------------------------------------------------------------------------
A new patch for the detection of the SSH insertion attack published by
CORE on June 11th. is now available at:
<http://www.core-sdi.com/ssh>
The new patch fixes two problems originally mentioned in
comp.security.ssh by David Jones <jonesd_at_kcgl1.eng.ohio-state.edu>
that were found to have certain implications on the reliability of the
attack detection.
It is strongly recommended to apply the new patch.
MD5 hashes for the available files are provided
below:
MD5 (ssh-1.2.25-core.tar.gz) = 9cc2adf10e8c2563db1d70a24ac4b2cd
MD5 (ssh-1.2.23-core-b.tar.gz) = 328583fc8356b96a4b3c629260685965
MD5 (ssh-1.2.23-core-b.tar.Z) = f8210154b07116cd70ffe77bffbc9463
MD5 (ssh-1.2.25.tar.Z) = 3c171a91d6eab639f6ea06e62be53b85
MD5 (ssh-1.2.23b.patch) = 882c36fd589a863927a8ef48d456dfef
MD5 (ssh-1.2.25.patch) = 57b2d84116642fd3135dc641045445df
Patches apply to the original SSH distributions 1.2.23 and 1.2.25
Additionally, a more technical description of the attack is
provided at the same URL.
$Id: ssh-addenum.txt,v 1.1 1998/07/03 20:22:32 iarce Exp $
- --
==============================[ CORE Seguridad de la Informacion S.A. ]=======
Ivan Arce
Gerencia de Tecnologia Email : ivan_at_core-sdi.com
Av. Santa Fe 2861 5to C TE : +54-1-821-1030
CP 1425 FAX : +54-1-821-1030
Buenos Aires, Argentina Mensajeria: +54-1-317-4157
==============================================================================
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
iQCVAwUBNZ1RxfnO/LnPTgz1AQGYUgP/dqd+1cC9aLLuAgbOcYn2QaRFtuZKKiHL
58yjJPW5uYWfQB9qh5zEXEXTPc76/cNqQgY303JqWkrkIjOQ8ZG3lLqlPpBCHKRF
NIVKY5mMZBOZ6O8G1Cp4lzlaWycq2+03yKElO3wnHnJkic3+w98AF223kNLjvkmX
JAeEaYIUUzw=
=WvWJ
-----END PGP SIGNATURE-----
Received on Jul 06 1998
Intro
