This document will summarize vulnerabilities in the ssh cryptographic login program. These vulnerabilites enables a malicious user to access a remote host without proper authorization. Numerous flaws have been uncovered in the implementation of the SSH protocol.
In May of 2002, a vulnerability was found in SSH Communications SSH versions 3.0.x and 3.1.1. Specifically, under some circumstances, it may be possible for a remote user to bypass the "AllowedAuthentications" specified in the server configuration. This could allow a user to authenticate using a different or weaker means, such as a password.
In addition, many SSH version 2 implementations that are configured for verion 1 fallback are vulnerable to the CRC32 exploit.
Resolutions
Vendors recommend upgrading to SSH version 2 protocol products. Most of these exploits do not exist in the newer version 2. However, be sure that the version 2 implmentation does not support version 1 fallback or confirm that it has been patched for fallback.
All SSH Communications users should upgrade to version 3.1.2 or above.