Computer Security
[EN] securityvulns.ru no-pyccku


OpenSSH timing attacks
updated since 03.05.2003
Published:09.10.2006
Source:
SecurityVulns ID:2789
Type:remote
Threat Level:
5/10
Description:It's possible to check user's validity by measuring response time.
Affected:OPENSSH : OpenSSH 3.6
 NOKIA : IPSO 3.0
 OPENSSH : OpenSSH 4.1
Original documentdocumentMarco Ivaldi, yet another OpenSSH timing leak? (09.10.2006)
 documentMarco Ivaldi, OpenSSH/PAM timing attack allows remote users identification (03.05.2003)
Files:OpenSSH <= 3.6.p1 - User Identification

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod