EUVD-2001-1446

Malware in sbrugna...

K17448: OpenSSH vulnerability CVE-2001-1473

Security Advisory Description The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target...

CVE-2001-1473

CVE-2001-1473 : The SSH-1 protocol vulnerability allows a remote attacker to perform man-in-the-middle and replay attacks by crafting a Session ID that matches the target’s Session ID but uses a weaker public key, enabling the attacker to compute the corresponding private key and masquerade as th...

CVE-2001-1466

Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long 1 username or 2 password...

CVE-2001-1473

The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows th...

SSH-1 allows client authentication to be forwarded by a malicious server to another server

Overview A design flaw in the SSH-1 protocol allows a malicious server to establish two concurrent sessions with the same session ID, allowing a man-in-the-middle attack. The client must accept unknown host keys from the malicious server to enable exploitation of this vulnerability. Description...