Back to search
CVE-2001-1380
Published: Apr 2, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
IMNX-2001-70-034-01
vendor-advisory
x_refsource_IMMUNIX
3369
vdb-entry
x_refsource_BID
RHSA-2001:114
vendor-advisory
x_refsource_REDHAT
20010926 OpenSSH Security Advisory (adv.option)
mailing-list
x_refsource_BUGTRAQ
CLSA-2001:431
vendor-advisory
x_refsource_CONECTIVA
VU#905795
third-party-advisory
x_refsource_CERT-VN
M-010
third-party-advisory
government-resource
x_refsource_CIAC
MDKSA-2001:081
vendor-advisory
x_refsource_MANDRAKE
642
vdb-entry
x_refsource_OSVDB
openssh-access-control-bypass(7179)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now