OpenSSH CBC Mode Information Disclosure Vulnerability

Summary
The host is installed with OpenSSH and is prone to information disclosure vulnerability.
Impact
Successful exploits will allow attackers to obtain four bytes of plaintext from an encrypted session. Impact Level: Application
Solution
Upgrade to higher version http://www.openssh.com/portable.html
Insight
The flaw is due to the improper handling of errors within an SSH session encrypted with a block cipher algorithm in the Cipher-Block Chaining 'CBC' mode.
Affected
- SSH Communications Security Tectia Client and Server version 6.0.4 and prior - SSH Communications Security Tectia ConnectSecure version 6.0.4 and prior - OpenSSH OpenSSH version 4.7p1 and prior
References