CVE-2008-5161

Name of the Vulnerable Software and Affected Versions SSH Tectia Client and Server and Connector versions 4.0 through 4.4.11 SSH Tectia Client and Server and Connector versions 5.0 through 5.2.4 SSH Tectia Client and Server and Connector versions 5.3 through 5.3.8 SSH Tectia Client and Server and ConnectSecure versions 6.0 through 6.0.4 SSH Tectia Server for Linux on IBM System z version 6.0.4 SSH Tectia Server for IBM z/OS versions 5.5.1 and earlier, 6.0.0, and 6.0.1 SSH Tectia Client versions 4.0-J through 4.3.3-J SSH Tectia Client versions 4.0-K through 4.3.10-K OpenSSH version 4.7p1 OpenSSH versions prior to 6.6 p1-r1

Description The error handling in the SSH protocol makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session. Multiple vulnerabilities in the OpenSSH package can lead to violations of confidentiality, integrity, and availability of protected information. Exploitation of these vulnerabilities can be done remotely.

Recommendations For SSH Tectia Client and Server and Connector versions 4.0 through 4.4.11, update to a version later than 4.4.11. For SSH Tectia Client and Server and Connector versions 5.0 through 5.2.4, update to a version later than 5.2.4. For SSH Tectia Client and Server and Connector versions 5.3 through 5.3.8, update to a version later than 5.3.8. For SSH Tectia Client and Server and ConnectSecure versions 6.0 through 6.0.4, update to a version later than 6.0.4. For SSH Tectia Server for Linux on IBM System z version 6.0.4, update to a version later than 6.0.4. For SSH Tectia Server for IBM z/OS versions 5.5.1 and earlier, 6.0.0, and 6.0.1, update to a version later than 6.0.1. For SSH Tectia Client versions 4.0-J through 4.3.3-J, update to a version later than 4.3.3-J. For SSH Tectia Client versions 4.0-K through 4.3.10-K, update to a version later than 4.3.10-K. For OpenSSH version 4.7p1, update to a version later than 4.7p1. For OpenSSH versions prior to 6.6 p1-r1, update to a version later than or equal to 6.6 p1-r1. At the moment, there is no information about a newer version that contains a fix for Check Point GAiA.