[Bug 1291] aes256-ctr, aes192-ctr, arcfour256 broken with OpenSSL 0.9.8e

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sun Mar 4 02:58:29 EST 2007


http://bugzilla.mindrot.org/show_bug.cgi?id=1291

           Summary: aes256-ctr, aes192-ctr, arcfour256 broken with OpenSSL
                    0.9.8e
           Product: Portable OpenSSH
           Version: 4.5p1
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: minor
          Priority: P2
         Component: sshd
        AssignedTo: bitbucket at mindrot.org
        ReportedBy: bjh21 at bjh21.me.uk


Connections from "OpenSSH_4.5p1, OpenSSL 0.9.8d 28 Sep 2006" to
"OpenSSH_4.5p1, OpenSSL 0.9.8e 23 Feb 2007" using "aes256-ctr" fail
with
"Bad packet length".  The same problem occurs when using PuTTY 0.59
against the newer server.

PuTTY users have reported this problem too, with servers on both
FreeBSD and Linux, and with OpenSSH versions back to 4.0.

The problem occurs with the "aes256-ctr", "aes192-ctr", and
"archfour256" ciphers, but not with "aes128-ctr", "aes256-cbc",
"aes192-cbc", or "arcfour128".




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.


More information about the openssh-bugs mailing list