Summary
The host is running SSH and is prone to authentication bypass vulnerability.
Impact
Successful exploitation could allows remote attackers to bypass security restrictions and to obtain a client's public host key during a connection attempt and use it to open and authenticate an SSH session to another server with the same access.
Impact Level: Application
Solution
Upgrade to SSH SSH-2,
For updates refer to http://www.openssh.com/
Insight
The flaw is due to an error in the SSH-1 protocol authentication process when encryption is disabled, which allows client authentication to be forwarded by a malicious server to another server.
Affected
SSH Protocol Version SSH-1
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2001-1473 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
- Adobe Acrobat Multiple Vulnerabilities-01 Dec14 (Windows)
- Adobe Air Code Execution and DoS Vulnerabilities (MAC OS X)
- 7T Interactive Graphical SCADA System Multiple Security Vulnerabilities
- Adobe Acrobat Sandbox Bypass Vulnerability - Aug14 (Windows)