SSH SSH-1 Protocol Authentication Bypass Vulnerability Network Vulnerability

Summary

The host is running SSH and is prone to authentication bypass vulnerability.

Impact

Successful exploitation could allows remote attackers to bypass security restrictions and to obtain a client's public host key during a connection attempt and use it to open and authenticate an SSH session to another server with the same access. Impact Level: Application

Solution

Upgrade to SSH SSH-2, For updates refer to http://www.openssh.com/

Insight

The flaw is due to an error in the SSH-1 protocol authentication process when encryption is disabled, which allows client authentication to be forwarded by a malicious server to another server.

Affected

SSH Protocol Version SSH-1

References

http://www.kb.cert.org/vuls/id/684820
http://xforce.iss.net/xforce/xfdb/6603

Updated on 2015-03-25

Severity

Classification

CVE CVE-2001-1473
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)
Adobe Air Code Execution and DoS Vulnerabilities (MAC OS X)
7T Interactive Graphical SCADA System Multiple Security Vulnerabilities
Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)

Take action and discover your vulnerabilities