Knowledge Search


×
 

[ScreenOS] Are NetScreen devices vulnerable to the OpenSSH v2 "Challenge-Response" (CERT VU#369347) vulnerability?

  [KB3946] Show Article Properties


Summary:

This article talks about status of Netscreen devices with respect to OpenSSH v2 "Challenge-Response" (CERT VU#369347) vulnerability.

Solution:

NetScreen devices' are not subject to the vulnerability.

The only supported authentication method in NetScreen SSH is password. This specific vulnerability is related to denial of service attack on the SSH2 "challenge-response" auth method,' which is' not applicable to NetScreen's implementation of SSH.

Modification History:
2019-09-27: Minor, non-technical update.
Related Links: