PKCS 1 Version 1.5 Session Key Retrieval Network Vulnerability

Summary

You are running SSH protocol version 1.5. This version allows a remote attacker to decrypt and/or alter traffic via an attack on PKCS#1 version 1.5 knows as a Bleichenbacher attack. OpenSSH up to version 2.3.0, AppGate, and SSH Communications Security ssh-1 up to version 1.2.31 have the vulnerability present, although it may not be exploitable due to configurations.

Solution

Patch and New version are available from SSH/OpenSSH.

Severity

Classification

CVE CVE-2001-0361

CVSS	Base Score: 4.0 AV:N/AC:H/Au:N/C:P/I:P/A:N

Related Vulnerabilities

Netware Perl CGI overflow
4D WebStar Tomcat Plugin Remote Buffer Overflow flaw
Webserver4everyone too long URL
poppassd USER overflow
cyrus-imsp abook_dbname buffer overflow

Take action and discover your vulnerabilities