Phase:The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
ReferencesCERT-VN:VU#25309 | URL:http://www.kb.cert.org/vuls/id/25309 | XF:ssh-rc4-modify-packets(6449) | URL:http://xforce.iss.net/xforce/xfdb/6449
Votes:Assigned (Thursday, April 21, 2005)
Comments:None (candidate not yet proposed)
F7: