Y
Hacker News
new
|
ask
|
show
|
jobs
by
Columbo818
820 days ago
Dropbear claims to be RFC-compliant, but isnt. Proof here:
https://www.cvedetails.com/cve/CVE-2021-36369/
TinySSH doesnt claim to be compliant, and isnt. Does less in exchange for a reduced attack surface.
1 comments
mkj
820 days ago
That CVE is a UI confusion issue in the client, I'm not sure exactly what bit the reporter thought was non-RFC compliant.
link