Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1469

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1469
Last Modified 05 Sep 2008 04:26:38
Published 18 Jan 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1469

Summary

The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.

Vulnerable Systems

Application

  • Ssh 1.2.24

  • Ssh 1.2.25

  • Ssh 1.2.26

  • Ssh 1.2.27

  • Ssh 1.2.28

  • Ssh 1.2.29

  • Ssh 1.2.30

  • Ssh 1.2.31


References

CERT-VN - VU#25309

XF - ssh-rc4-modify-packets(6449)


Last Updated: 27 May 2016 10:36:40