2 matches found
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
CVE-2003-1562
MODE C CVE-2003-1562 refers to a race condition in sshd/OpenSSH 3.6.1p2 and earlier, where with PermitRootLogin disabled and using PAM keyboard-interactive authentication, sshd does not insert a delay after a root password attempt. This timing discrepancy could enable remote attackers to infer wh...