498957 – CVE-2008-5161 - CBC Mode Information Disclosure Vulnerability

Bug 498957 - CVE-2008-5161 - CBC Mode Information Disclosure Vulnerability

Summary: CVE-2008-5161 - CBC Mode Information Disclosure Vulnerability

Keywords:
Status:	CLOSED DUPLICATE of bug 472068
Alias:	None
Product:	Red Hat Enterprise Linux 5
Classification:	Red Hat
Component:	openssh
Sub Component:
Version:	5.3
Hardware:	All
OS:	Linux
Priority:	low
Severity:	low
Target Milestone:	rc
Target Release:	---
Assignee:	Tomas Mraz
QA Contact:	BaseOS QE
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2009-05-04 15:30 UTC by Mike Herrick
Modified:	2009-05-04 15:46 UTC (History)
CC List:	0 users
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-05-04 15:46:03 UTC
Target Upstream Version:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Mike Herrick 2009-05-04 15:30:22 UTC

Description of problem:

securityspace.com issues a vulnerability alert (BugTraq ID: 32319) for RHEL 5.3 system running the latest openssh (4.3p2-29), suggesting an upgrade to openssh 5.2 or later.

Version-Release number of selected component (if applicable):
openssh-4.3p2-29.el5

How reproducible:
Always.

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Appears to have been fixed in openssh 5.2.

Comment 1 Tomas Mraz 2009-05-04 15:46:03 UTC


*** This bug has been marked as a duplicate of bug 472068 ***

Note You need to log in before you can comment on or make changes to this bug.