Описание
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00523
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
EPSS
Процентиль: 66%
0.00523
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other