MultiCom Technical Support Forum Index MultiCom Technical Support
Supporting MultiCom Routers, Firewalls and VPN
 
 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 

SSH Sentinel Updated to 1.4.1 build 98

 
Post new topic   Reply to topic    MultiCom Technical Support Forum Index -> 3.x IPSec
View previous topic :: View next topic  
Author Message
Support



Joined: 09 Oct 2002
Posts: 175
Location: Lausanne, Switzerland
PostPosted: Wed Oct 29, 03 10:59    Post subject: SSH Sentinel Updated to 1.4.1 build 98 Reply with quote
SSH strongly recommends that you upgrade to the latest 1.4.1 (build 98) .

A vulnerability has been detected in the way SSH Sentinel handles the decoding of BER/DER encoded packets. BER/DER encoding is applied in digital certificates, which are used for authenticating a user in IKE negotiations. Certificates are also commonly used for authenticating SSL/TLS connections.

Using malformed BER/DER packets, the receiving host can potentially crash making a Denial-of-Service (DoS) attack possible.

The update can be downloaded at http://www.ssh.com/support/downloads/sentinel/updates-and-packages-1-4.html.

It requires a licensed version to already be installed for the update to work.
Back to top
View user's profile Send private message Send e-mail Visit poster's website
Display posts from previous:   
Post new topic   Reply to topic    MultiCom Technical Support Forum Index -> 3.x IPSec All times are GMT + 1 Hour
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group