SSH SSH-1 Protocol Authentication Bypass Vulnerability Network Vulnerability

Summary

The host is running SSH and is prone to authentication bypass vulnerability.

Impact

Successful exploitation could allows remote attackers to bypass security restrictions and to obtain a client's public host key during a connection attempt and use it to open and authenticate an SSH session to another server with the same access. Impact Level: Application

Solution

Upgrade to SSH SSH-2, For updates refer to http://www.openssh.com/

Insight

The flaw is due to an error in the SSH-1 protocol authentication process when encryption is disabled, which allows client authentication to be forwarded by a malicious server to another server.

Affected

SSH Protocol Version SSH-1

References

http://www.kb.cert.org/vuls/id/684820
http://xforce.iss.net/xforce/xfdb/6603

Updated on 2015-03-25

Severity

Classification

CVE CVE-2001-1473

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe AIR Multiple Vulnerabilities-01 Jun14 (Mac OS X)
Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X)
Adobe Acrobat Multiple Vulnerabilities - 01 Jan14 (Windows)
Adobe Air Multiple Vulnerabilities -01 August 12 (Windows)
Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X

Take action and discover your vulnerabilities