Posted: December 2, 2008
Description
The advisory recommends using the AES cipher in CTR mode rather
than CBC mode. VShell for some platforms, SecureCRT, SecureFX,
and the VanDyke ClientPack for some platforms now prefer the
AES cipher in CTR mode by default.
Affected Software Versions
VShell 3.5.1 and earlier
SecureCRT 6.1.2 and earlier
SecureFX 6.1.2 and earlier
VanDyke ClientPack 6.1.2 and earlier
Vulnerability Fix Downloads
VShell 3.5.2
for Windows, FreeBSD, and Mac OS X*
SecureCRT
6.1.3 or later
SecureFX 6.1.3 or
later VanDyke
ClientPack
6.1.3 for Windows, FreeBSD, and Mac OS X*
*Please contact VanDyke
Software technical support if you are using VShell or the ClientPack
for AIX, HP-UX, Red Hat for Linux, or Solaris.
|
Technical Support
|
If you have any questions concerning upgrade eligibility
in response to this security advisory, please contact
VanDyke Software.
|
| |
|
Official Postings
|
CPNI published an advisory on this vulnerability on 11/14/2008. This advisory is no longer available on the CPNI website.
|
| |
|
Revision History
|
December 2, 2008 - Security Advisory published.
|
|
