CVE-2001-1476

SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attackers to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on whether the guess is correct or not.

CVSS v2.0 7.5 HIGH

7.5^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://www.kb.cert.org/vuls/id/565052	Exploit Patch US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/6490

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ssh:ssh:1.2.27:::::::*
	cpe:2.3:a:ssh:ssh:1.2.28:::::::*
	cpe:2.3:a:ssh:ssh:1.2.29:::::::*
	cpe:2.3:a:ssh:ssh:1.2.30:::::::*
	cpe:2.3:a:ssh:ssh:1.2.25:::::::*
	cpe:2.3:a:ssh:ssh:1.2.26:::::::*
	cpe:2.3:a:ssh:ssh:1.2.24:::::::*
	cpe:2.3:a:ssh:ssh:1.2.31:::::::*

Information

Published : 2001-01-17 21:00

Updated : 2017-07-10 18:29

NVD link : CVE-2001-1476

Mitre link : CVE-2001-1476

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

ssh

ssh

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.kb.cert.org/vuls/id/565052", "name": "VU#565052", "tags": ["Exploit", "Patch", "US Government Resource"], "refsource": "CERT-VN"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6490", "name": "ssh-rc4-replay-conversation(6490)", "tags": [], "refsource": "XF"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "SSH before 2.0, with RC4 encryption and the \"disallow NULL passwords\" option enabled, makes it easier for remote attackers to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on whether the guess is correct or not."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2001-1476", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 7.5, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "severity": "HIGH", "impactScore": 6.4, "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false}}, "publishedDate": "2001-01-18T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2017-07-11T01:29Z"}