CVE-2007-0726
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.047 Low
EPSS
Percentile
92.7%
The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys.
Affected configurations
References
docs.info.apple.com/article.html?artnum=305214
lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
secunia.com/advisories/24479
www.osvdb.org/34850
www.securityfocus.com/bid/22948
www.securitytracker.com/id?1017756
www.us-cert.gov/cas/techalerts/TA07-072A.html
www.vupen.com/english/advisories/2007/0930
exchange.xforce.ibmcloud.com/vulnerabilities/32975
Related
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
6.2 Medium
AI Score
Confidence
Low
0.047 Low
EPSS
Percentile
92.7%