CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
| Software | From | Fixed in |
|---|---|---|
| ssh / ssh | 1.2.24 | 1.2.24.x |
| ssh / ssh | 1.2.25 | 1.2.25.x |
| ssh / ssh | 1.2.26 | 1.2.26.x |
| ssh / ssh | 1.2.27 | 1.2.27.x |
| ssh / ssh | 1.2.28 | 1.2.28.x |
| ssh / ssh | 1.2.29 | 1.2.29.x |
| ssh / ssh | 1.2.30 | 1.2.30.x |
| ssh / ssh | 1.2.31 | 1.2.31.x |
| openbsd / openssh | 1.2.2 | 1.2.2.x |
| openbsd / openssh | 1.2.3 | 1.2.3.x |
| openbsd / openssh | 2.1 | 2.1.x |
| openbsd / openssh | 2.1.1 | 2.1.1.x |
| openbsd / openssh | 2.2 | 2.2.x |