Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1475

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1475
Last Modified 05 Sep 2008 04:26:39
Published 18 Jan 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1475

Summary

SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.

Vulnerable Systems

Application

  • Ssh 1.2.24

  • Ssh 1.2.25

  • Ssh 1.2.26

  • Ssh 1.2.27

  • Ssh 1.2.28

  • Ssh 1.2.29

  • Ssh 1.2.30

  • Ssh 1.2.31


References

CERT-VN - VU#665372

XF - ssh-rc4-replay-conversation(6490)


Last Updated: 27 May 2016 10:36:41