PKCS 1 Version 1.5 Session Key Retrieval Network Vulnerability

Summary

You are running SSH protocol version 1.5. This version allows a remote attacker to decrypt and/or alter traffic via an attack on PKCS#1 version 1.5 knows as a Bleichenbacher attack. OpenSSH up to version 2.3.0, AppGate, and SSH Communications Security ssh-1 up to version 1.2.31 have the vulnerability present, although it may not be exploitable due to configurations.

Solution

Patch and New version are available from SSH/OpenSSH.

Severity

Classification

CVE CVE-2001-0361
CVSS Base Score: 4.0
AV:N/AC:H/Au:N/C:P/I:P/A:N

Related Vulnerabilities

Cyrus IMAP pre-login buffer overrun
scp File Create/Overwrite
Format string on HTTP header value
CUPS < 1.1.23 Multiple Vulnerabilities
Webserver4everyone too long URL

Take action and discover your vulnerabilities