CVE-2005-2666

2005-08-2304:00:00

CWE-255

[email protected]

web.nvd.nist.gov

ssh

plaintext storage

known_hosts

security vulnerability

openssh

ip addresses

nvd

cve-2005-2666

6.4 Medium

AI Score

Confidence

Low

1.2 Low

CVSS2

Access Vector

LOCAL

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:H/Au:N/C:P/I:N/A:N

0.001 Low

EPSS

Percentile

29.8%

JSON

SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user’s account to generate a list of additional targets that are more likely to have the same password or key.

CPENameOperatorVersion
openbsd:opensshopenbsd openssheq3.8
openbsd:opensshopenbsd openssheq3.8.1p1
openbsd:opensshopenbsd openssheq3.1
openbsd:opensshopenbsd openssheq3.0.2p1
openbsd:opensshopenbsd openssheq3.8.1
openbsd:opensshopenbsd openssheq3.7.1p2
openbsd:opensshopenbsd openssheq3.2.3p1
openbsd:opensshopenbsd openssheq3.1p1
openbsd:opensshopenbsd openssheq3.6.1p2
openbsd:opensshopenbsd openssheq3.9

CPE	Name	Operator	Version
openbsd:openssh	openbsd openssh	eq	3.8
openbsd:openssh	openbsd openssh	eq	3.8.1p1
openbsd:openssh	openbsd openssh	eq	3.1
openbsd:openssh	openbsd openssh	eq	3.0.2p1
openbsd:openssh	openbsd openssh	eq	3.8.1
openbsd:openssh	openbsd openssh	eq	3.7.1p2
openbsd:openssh	openbsd openssh	eq	3.2.3p1
openbsd:openssh	openbsd openssh	eq	3.1p1
openbsd:openssh	openbsd openssh	eq	3.6.1p2
openbsd:openssh	openbsd openssh	eq	3.9