Severity : Low Published : 2008-11-19 Modified : 2013-01-22 Base Score : 2.6 Details : Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors. Product/Version :   http://securitytracker.com/alerts/2008/Nov/1021235.html     CBC mode connections are affected       Carrier Grade CGE 5.1   Pro 5.0   Pro 4.x   CGE 4.x   Mobilinux 4.x   CGE 5.x   Mobilinux 5.x   Mobilinux 5.0.24   MVL 5 Atom   Pro 5.0.24   MVL 5 OMAP3   MVL 5 OMAP3530

CVE-2008-7256 CVE-2008-7068 CVE-2008-5713 CVE-2008-5300 CVE-2008-5286 CVE-2008-5161 CVE-2008-5079 CVE-2008-5029 CVE-2008-4989 CVE-2008-4864 CVE-2008-4685 CVE-2008-4554 CVE-2008-4316 CVE-2008-4309 CVE-2008-4307 CVE-2008-4210 CVE-2008-4109 CVE-2008-4101 CVE-2008-3934 CVE-2008-3933 CVE-2008-3932 CVE-2008-3915 CVE-2008-3527 CVE-2008-3526 CVE-2008-3522 CVE-2008-3521 CVE-2008-3520 CVE-2008-3294 CVE-2008-3276 CVE-2008-3275 CVE-2008-3272 CVE-2008-3146 CVE-2008-3142 CVE-2008-3141 CVE-2008-3140 CVE-2008-3139 CVE-2008-3138 CVE-2008-3137 CVE-2008-2952 CVE-2008-2812 CVE-2008-2729 CVE-2008-2364 CVE-2008-2292 CVE-2008-2108 CVE-2008-2107 CVE-2008-2051 CVE-2008-1927 CVE-2008-1808 CVE-2008-1807 CVE-2008-1806 CVE-2008-1722 CVE-2008-1678 CVE-2008-1673 CVE-2008-1657 CVE-2008-1483 CVE-2008-1372 CVE-2008-1367 CVE-2008-0598 CVE-2008-0596 CVE-2008-0122 CVE-2008-0007 CVE-2008-0005