Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1470

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2001-1470
Last Modified 05 Sep 2008 04:26:38
Published 18 Jan 2001 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1470

Summary

The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.

Vulnerable Systems

Application

  • Ssh 1.2.24

  • Ssh 1.2.25

  • Ssh 1.2.26

  • Ssh 1.2.27

  • Ssh 1.2.28

  • Ssh 1.2.29

  • Ssh 1.2.30

  • Ssh 1.2.31


References

CERT-VN - VU#315308

XF - ssh-idea-modify-packets(6472)


Last Updated: 27 May 2016 10:36:40