exploitDog

CVE-2001-1382

Опубликовано: 27 сент. 2001

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.

Ссылки

http://www.openwall.com/Owl/CHANGES-stable.shtml
Vendor Advisory
http://www.osvdb.org/5408
http://www.openwall.com/Owl/CHANGES-stable.shtml
Vendor Advisory
http://www.osvdb.org/5408

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*

Версия до 2.9.9p2 (включая)

EPSS

Процентиль: 68%

0.00561

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-pw45-4wv8-37wm

github

почти 4 года назад

The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.

EPSS

Процентиль: 68%

0.00561

Низкий

5 Medium

CVSS2

Дефекты

NVD-CWE-Other