2 matches found
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
CVE-2001-1585
CVE-2001-1585: OpenSSH 2.3.1 development snapshot (2001-01-18 to 2001-02-08) exposes a flaw in SSH protocol 2 public key authentication: it does not perform a challenge–response step to verify the client’s private key, allowing remote attackers to bypass authentication by using a public key from ...