> CVE-2010-4478[0]:
> | OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly
> | validate the public parameters in the J-PAKE protocol, which allows
> | remote attackers to bypass the need for knowledge of the shared
> | secret, and successfully authenticate, by sending crafted value
Package: openssh
Version: 1:5.5p1-5
Severity: serious
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for openssh.
CVE-2010-4478[0]:
| OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly
| validate the public parameters in the J-PAKE proto
2 matches
Mail list logo
