2 matches found
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
CVE-2001-0572
CVE-2001-0572 concerns the SSH protocols 1 and 2 as implemented in OpenSSH and other packages. The connected documents confirm concrete details: the issue enables a remote attacker to sniff and disclose information such as password lengths, the authentication method (RSA/DSA), the number of autho...