OpenSSH Fixes Memory Corruption Bug With Update

The developers behind OpenSSH acknowledged and fixed over the weekend that a memory corruption vulnerability exists in some builds of the main suite. If exploited, the vulnerability could lead to an authenticated code execution flaw. The main problem stems from the post-authentication SSHD process and the AES-GCM cipher during key exchange. The SSHD wasn t initializing a message authentication code (MAC) and a cleanup callback was still being invoked during a re-keying operation

Source: https://threatpost.com/openssh-fixes-memory-corruption-bug-with-update/102894/

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

YubiKey Security: Initial Setup with Yubi Cloud

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

ZAP: Brute Force Passwords

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Categories

Partners

Just add here your partners image or promo text