{"containers":{"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2008-11-14T00:00:00.000Z","descriptions":[{"lang":"en","value":"Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2018-10-11T19:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"tags":["x_refsource_CONFIRM"],"url":"http://openssh.org/txt/cbc.adv"},{"name":"247186","tags":["vendor-advisory","x_refsource_SUNALERT"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"},{"name":"32319","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/32319"},{"name":"33121","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/33121"},{"tags":["x_refsource_CONFIRM"],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"name":"49872","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/49872"},{"name":"33308","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/33308"},{"name":"RHSA-2009:1287","tags":["vendor-advisory","x_refsource_REDHAT"],"url":"http://rhn.redhat.com/errata/RHSA-2009-1287.html"},{"tags":["x_refsource_MISC"],"url":"http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"},{"name":"1021382","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1021382"},{"tags":["x_refsource_CONFIRM"],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163"},{"name":"50036","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/50036"},{"name":"32833","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/32833"},{"name":"36558","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/36558"},{"name":"50035","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://osvdb.org/50035"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.ssh.com/company/news/article/953/"},{"name":"1021235","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1021235"},{"name":"34857","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/34857"},{"tags":["x_refsource_MISC"],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.attachmate.com/techdocs/2398.html"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"},{"name":"ADV-2008-3173","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/3173"},{"name":"20081123 Revised: OpenSSH security advisory: cbc.adv","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/498579/100/0/threaded"},{"name":"openssh-sshtectia-cbc-info-disclosure(46620)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"},{"name":"32740","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/32740"},{"name":"ADV-2009-1135","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/1135"},{"name":"32760","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/32760"},{"name":"ADV-2009-3184","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2009/3184"},{"tags":["x_refsource_CONFIRM"],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"name":"1021236","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://www.securitytracker.com/id?1021236"},{"tags":["x_refsource_CONFIRM"],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10106"},{"name":"HPSBMA02447","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"tags":["x_refsource_MISC"],"url":"http://isc.sans.org/diary.html?storyid=5366"},{"name":"APPLE-SA-2009-11-09-1","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"},{"name":"SSRT090062","tags":["vendor-advisory","x_refsource_HP"],"url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"name":"ADV-2008-3409","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/3409"},{"name":"ADV-2008-3172","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2008/3172"},{"name":"oval:org.mitre.oval:def:11279","tags":["vdb-entry","signature","x_refsource_OVAL"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"},{"name":"20081121 OpenSSH security advisory: cbc.adv","tags":["mailing-list","x_refsource_BUGTRAQ"],"url":"http://www.securityfocus.com/archive/1/498558/100/0/threaded"},{"tags":["x_refsource_CONFIRM"],"url":"http://support.apple.com/kb/HT3937"},{"name":"VU#958563","tags":["third-party-advisory","x_refsource_CERT-VN"],"url":"http://www.kb.cert.org/vuls/id/958563"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2008-5161","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"http://openssh.org/txt/cbc.adv","refsource":"CONFIRM","url":"http://openssh.org/txt/cbc.adv"},{"name":"247186","refsource":"SUNALERT","url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"},{"name":"32319","refsource":"BID","url":"http://www.securityfocus.com/bid/32319"},{"name":"33121","refsource":"SECUNIA","url":"http://secunia.com/advisories/33121"},{"name":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667","refsource":"CONFIRM","url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"name":"49872","refsource":"OSVDB","url":"http://osvdb.org/49872"},{"name":"33308","refsource":"SECUNIA","url":"http://secunia.com/advisories/33308"},{"name":"RHSA-2009:1287","refsource":"REDHAT","url":"http://rhn.redhat.com/errata/RHSA-2009-1287.html"},{"name":"http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt","refsource":"MISC","url":"http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"},{"name":"1021382","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1021382"},{"name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163","refsource":"CONFIRM","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163"},{"name":"50036","refsource":"OSVDB","url":"http://osvdb.org/50036"},{"name":"32833","refsource":"SECUNIA","url":"http://secunia.com/advisories/32833"},{"name":"36558","refsource":"SECUNIA","url":"http://secunia.com/advisories/36558"},{"name":"50035","refsource":"OSVDB","url":"http://osvdb.org/50035"},{"name":"http://www.ssh.com/company/news/article/953/","refsource":"CONFIRM","url":"http://www.ssh.com/company/news/article/953/"},{"name":"1021235","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1021235"},{"name":"34857","refsource":"SECUNIA","url":"http://secunia.com/advisories/34857"},{"name":"http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm","refsource":"MISC","url":"http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"},{"name":"http://support.attachmate.com/techdocs/2398.html","refsource":"CONFIRM","url":"http://support.attachmate.com/techdocs/2398.html"},{"name":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html","refsource":"CONFIRM","url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"},{"name":"ADV-2008-3173","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/3173"},{"name":"20081123 Revised: OpenSSH security advisory: cbc.adv","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/498579/100/0/threaded"},{"name":"openssh-sshtectia-cbc-info-disclosure(46620)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"},{"name":"32740","refsource":"SECUNIA","url":"http://secunia.com/advisories/32740"},{"name":"ADV-2009-1135","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2009/1135"},{"name":"32760","refsource":"SECUNIA","url":"http://secunia.com/advisories/32760"},{"name":"ADV-2009-3184","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2009/3184"},{"name":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705","refsource":"CONFIRM","url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"name":"1021236","refsource":"SECTRACK","url":"http://www.securitytracker.com/id?1021236"},{"name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10106","refsource":"CONFIRM","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10106"},{"name":"HPSBMA02447","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"name":"http://isc.sans.org/diary.html?storyid=5366","refsource":"MISC","url":"http://isc.sans.org/diary.html?storyid=5366"},{"name":"APPLE-SA-2009-11-09-1","refsource":"APPLE","url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"},{"name":"SSRT090062","refsource":"HP","url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"name":"ADV-2008-3409","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/3409"},{"name":"ADV-2008-3172","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2008/3172"},{"name":"oval:org.mitre.oval:def:11279","refsource":"OVAL","url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"},{"name":"20081121 OpenSSH security advisory: cbc.adv","refsource":"BUGTRAQ","url":"http://www.securityfocus.com/archive/1/498558/100/0/threaded"},{"name":"http://support.apple.com/kb/HT3937","refsource":"CONFIRM","url":"http://support.apple.com/kb/HT3937"},{"name":"VU#958563","refsource":"CERT-VN","url":"http://www.kb.cert.org/vuls/id/958563"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-07T10:40:17.282Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://openssh.org/txt/cbc.adv"},{"name":"247186","tags":["vendor-advisory","x_refsource_SUNALERT","x_transferred"],"url":"http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1"},{"name":"32319","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/32319"},{"name":"33121","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/33121"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667"},{"name":"49872","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/49872"},{"name":"33308","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/33308"},{"name":"RHSA-2009:1287","tags":["vendor-advisory","x_refsource_REDHAT","x_transferred"],"url":"http://rhn.redhat.com/errata/RHSA-2009-1287.html"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt"},{"name":"1021382","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1021382"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10163"},{"name":"50036","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/50036"},{"name":"32833","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/32833"},{"name":"36558","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/36558"},{"name":"50035","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://osvdb.org/50035"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.ssh.com/company/news/article/953/"},{"name":"1021235","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1021235"},{"name":"34857","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/34857"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.attachmate.com/techdocs/2398.html"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html"},{"name":"ADV-2008-3173","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/3173"},{"name":"20081123 Revised: OpenSSH security advisory: cbc.adv","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/498579/100/0/threaded"},{"name":"openssh-sshtectia-cbc-info-disclosure(46620)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/46620"},{"name":"32740","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/32740"},{"name":"ADV-2009-1135","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/1135"},{"name":"32760","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/32760"},{"name":"ADV-2009-3184","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2009/3184"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705"},{"name":"1021236","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://www.securitytracker.com/id?1021236"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10106"},{"name":"HPSBMA02447","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"tags":["x_refsource_MISC","x_transferred"],"url":"http://isc.sans.org/diary.html?storyid=5366"},{"name":"APPLE-SA-2009-11-09-1","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html"},{"name":"SSRT090062","tags":["vendor-advisory","x_refsource_HP","x_transferred"],"url":"http://marc.info/?l=bugtraq&m=125017764422557&w=2"},{"name":"ADV-2008-3409","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/3409"},{"name":"ADV-2008-3172","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2008/3172"},{"name":"oval:org.mitre.oval:def:11279","tags":["vdb-entry","signature","x_refsource_OVAL","x_transferred"],"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279"},{"name":"20081121 OpenSSH security advisory: cbc.adv","tags":["mailing-list","x_refsource_BUGTRAQ","x_transferred"],"url":"http://www.securityfocus.com/archive/1/498558/100/0/threaded"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://support.apple.com/kb/HT3937"},{"name":"VU#958563","tags":["third-party-advisory","x_refsource_CERT-VN","x_transferred"],"url":"http://www.kb.cert.org/vuls/id/958563"}]}]},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2008-5161","datePublished":"2008-11-19T17:00:00.000Z","dateReserved":"2008-11-19T00:00:00.000Z","dateUpdated":"2024-08-07T10:40:17.282Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}