CVE-2001-1475
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
18/01/2001
Last modified:
11/07/2017
Description
SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:* | ||
cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:* | ||
cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:* | ||
cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:* | ||
cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:* | ||
cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:* | ||
cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:* | ||
cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page