CPNI has released a security advisory describing a vulnerability in SSH that allows an attacker with control over the network to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration.
Posted: December 2, 2008
The advisory recommends using the AES cipher in CTR mode rather than CBC mode. VShell for some platforms, SecureCRT, SecureFX, and the VanDyke ClientPack for some platforms now prefer the AES cipher in CTR mode by default.
Affected Software Versions
VShell 3.5.1 and earlier
Vulnerability Fix Downloads
VShell 3.5.2 for Windows, FreeBSD, and Mac OS X*
Here you can control cookies using the checkboxes below. Some cookies are essential for the use of our website and cannot be disabled. Others provide a convenience to the user and, if disabled, may reduce the ease of use of our site. Finally, some cookies provide anonymous analytic tracking data that help us provide the user with a richer browsing experience. You can elect to disable these cookies as well.