VULHUB ™

A vulnerability has been reported in SSH Communications Secure Shell and IPSEC Express Toolkit that may theoretically permit adversaries to forge RSA signatures without requiring a RSA private key. This includes signatures that could be used during host or user authentication. It should be noted that this issue may not be practical to exploit and may require an astronomical amount of brute-forcing. This vulnerability affects versions of the software on Microsoft Windows and Unix derived platforms. The issue is also reported to affect various F-Secure SSH releases.

A vulnerability has been reported in SSH Communications Secure Shell and IPSEC Express Toolkit that may theoretically permit adversaries to forge RSA signatures without requiring a RSA private key. This includes signatures that could be used during host or user authentication. It should be noted that this issue may not be practical to exploit and may require an astronomical amount of brute-forcing. This vulnerability affects versions of the software on Microsoft Windows and Unix derived platforms. The issue is also reported to affect various F-Secure SSH releases.