Bug 498957 – CVE-2008-5161 - CBC Mode Information Disclosure Vulnerability

Bug 498957 - CVE-2008-5161 - CBC Mode Information Disclosure Vulnerability

Summary:	CVE-2008-5161 - CBC Mode Information Disclosure Vulnerability

Status:	CLOSED DUPLICATE of bug 472068

Aliases:	None

Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	openssh (Show other bugs)
Sub Component:
Version:	5.3
Hardware:	All Linux

Priority	low Severity low
Target Milestone:	rc
Target Release:	---
Assigned To:	Tomas Mraz
QA Contact:	BaseOS QE
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2009-05-04 11:30 EDT by Mike Herrick
Modified:	2009-05-04 11:46 EDT (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2009-05-04 11:46:03 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Mike Herrick 2009-05-04 11:30:22 EDT

Description of problem:

securityspace.com issues a vulnerability alert (BugTraq ID: 32319) for RHEL 5.3 system running the latest openssh (4.3p2-29), suggesting an upgrade to openssh 5.2 or later.

Version-Release number of selected component (if applicable):
openssh-4.3p2-29.el5

How reproducible:
Always.

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Appears to have been fixed in openssh 5.2.

Comment 1 Tomas Mraz 2009-05-04 11:46:03 EDT


*** This bug has been marked as a duplicate of bug 472068 ***

Note You need to log in before you can comment on or make changes to this bug.