4 matches found
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
Mandrake Linux Security Advisory : openssh (MDKSA-2001:081)
In some circumstances, the sshd server may not honor the 'from=' option that can be associated with a key in a user's /.ssh/authorizedkeys2 file if multiple keys are listed. This could allow key-based logins from hosts which should not be allowed access. %NASLMINLEVEL 70300 C Tenable Network...
CVE-2001-1380
OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the /.ssh/authorizedkeys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses...
CVE-2001-1380
Technical details for CVE-2001-1380 are not publicly available in the provided documents. No affected products, versions, or remediation are specified here. Please monitor for updates from authoritative sources.