Lucene search
HistoryApr 02, 2003 - 5:00 a.m.
CVE-2001-1382
cve-2001-1382
openssh
echo simulation
countermeasure
remote attackers
traffic analysis
9.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
77.2%
The “echo simulation” traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
Affected configurations
Node
openbsdopensshRange≤2.9.9p2
| CPE | Name | Operator | Version |
|---|---|---|---|
| openbsd:openssh | openbsd openssh | le | 2.9.9p2 |
Related
nvd
nvd
CVE-2001-1382
2001-09-27 04:00:00
cvelist
cvelist
CVE-2001-1382
2003-04-02 05:00:00
nessus
nessus
OpenSSH < 2.9.9p2 echo simulation Information Disclosure
2011-10-04 00:00:00
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
2011-08-29 00:00:00
9.5 High
AI Score
Confidence
High
5 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
0.005 Low
EPSS
Percentile
77.2%
Related for CVE-2001-1382