Quoting Brian G. Kirsch (bkirschat_private): > In testing a Netscreen 5, I noticed that ssh v.1 compatibility is enabled > for remote management. The question is, is Netscreen vulnerable to the > various ssh v.1 vulnerabilities -- specifically the SSH1 CRC-32 compensation > attack detector vulnerability? > > Thanks. According to Netscreen it is not. At least that what they said when that CRC-32 compensation thing first came out... I am sure you can find it somewhere on www.netscreen.com If 'manage ssh' is enabled on the untrusted interface you can try password guessing... Defaults are netscreen/netscreen :) ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
This archive was generated by hypermail 2b30 : Sat May 25 2002 - 08:43:51 PDT