Back to search
CVE-2001-0572
Published: Jul 27, 2001
Modified: Aug 8, 2024
PUBLISHED
Description
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
MDKSA-2001:033
vendor-advisory
x_refsource_MANDRAKE
RHSA-2001:033
vendor-advisory
x_refsource_REDHAT
20010318 Passive Analysis of SSH (Secure Shell) Traffic
mailing-list
x_refsource_BUGTRAQ
CLA-2001:391
vendor-advisory
x_refsource_CONECTIVA
VU#596827
third-party-advisory
x_refsource_CERT-VN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now