[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2001-0361Date: (C)2001-06-27   (M)2023-12-22


Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 4.0
Exploit Score: 4.9
Impact Score: 4.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: HIGH
Authentication: NONE
Confidentiality: PARTIAL
Integrity: PARTIAL
Availability: NONE
  
Reference:
http://marc.info/?l=bugtraq&m=98158450021686&w=2
OSVDB-2116
BID-2344
DSA-023
DSA-027
DSA-086
FreeBSD-SA-01:24
L-047
SuSE-SA:2001:04
ssh-session-key-recovery(6082)

CPE    4
cpe:/a:openbsd:openssh:1.2.3
cpe:/a:openbsd:openssh:2.1.1
cpe:/a:openbsd:openssh:2.1
cpe:/a:ssh:ssh:1.2.31
...
CWE    1
CWE-310

© SecPod Technologies