32 matches found
PuTTY 0.72 -- buffer overflow in SSH-1 and integer overflow in SSH client
Simon Tatham reports: Vulnerabilities fixed in this release include: A malicious SSH-1 server could trigger a buffer overrun by sending extremely short RSA keys, or certain bad packet length fields. Either of these could happen before host key verification, so even if you trust the server you...
CVE-2001-1473
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows th...
Deprecated SSH-1 Protocol Detection
The host is running SSH and is providing / accepting one or more deprecated versions of the SSH protocol which have known cryptographic flaws. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...
SOL6736 - OpenSSH vulnerabilities CAN-2006-5051, CAN-2006-4924
This security advisory describes an OpenSSH Signal Handling vulnerability CVE-2006-5051. A remote attacker could possibly leverage this flaw to cause a denial of service. This security advisory also describes a denial of service bug CVE-2006-4924 in the OpenSSH sshd server. A remote attacker can...
CVE-2001-1473
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows th...
CVE-2001-1466
CVE-2001-1466 : The connected sources confirm a vulnerability in VanDyke SecureCRT (pre-3.4.2) where a buffer overflow is triggered by a long username or password when using the SSH-1 protocol , allowing remote code execution. The description is consistent across NVD/CVE records; exploitation det...
CVE-2001-1473
CVE-2001-1473 : The SSH-1 protocol vulnerability allows a remote attacker to perform man-in-the-middle and replay attacks by crafting a Session ID that matches the target’s Session ID but uses a weaker public key, enabling the attacker to compute the corresponding private key and masquerade as th...
CVE-2001-1466
Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long 1 username or 2 password...
CVE-2001-0361
CVE-2001-0361 affects SSH v1.5 implementations, notably OpenSSH up to 2.3.0, AppGate, and ssh-1 up to 1.2.31, when configured in certain ways. The issue enables a remote attacker to decrypt and/or alter traffic via a Bleichenbacher attack on PKCS#1 version 1.5. The connected PT security entries (...
CVE-2001-0471
CVE-2001-0471 applies to SSH1 (SSH server 1.2.30 or earlier). The issue is that SSH1 SSH Daemon does not log repeated login attempts, which could allow remote attackers to carry out brute-force-style account compromises without detection. Multiple connected sources (NVD/Nessus/OpenVAS entries) co...
CVE-2001-1473
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows th...
SSH-1 allows client authentication to be forwarded by a malicious server to another server
Overview A design flaw in the SSH-1 protocol allows a malicious server to establish two concurrent sessions with the same session ID, allowing a man-in-the-middle attack. The client must accept unknown host keys from the malicious server to enable exploitation of this vulnerability. Description...