Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2008-5161

Опубликовано: 19 нояб. 2008
Источник: nvd
CVSS2: 2.6
EPSS Низкий

Описание

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

Комментарий

http://securitytracker.com/alerts/2008/Nov/1021235.html

CBC mode connections are affected

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.1j:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.2j:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.8k:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.3.9k:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.6:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.8:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.9:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.10:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:4.4.11:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.0f:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.1f:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.2f:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.0.3f:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_client:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.4.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.4.6:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.4.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.4.9:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:4.4.10:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connector:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connectsecure:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connectsecure:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connectsecure:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connectsecure:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_connectsecure:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.0.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.0.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.1.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.2.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.6:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.8:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.9:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.10:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:4.4.11:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.1.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.1.1:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.1.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.2.0:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.2.1:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.2.2:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.2.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.0:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.6:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.7:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.3.8:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.4.0:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.4.1:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.4.2:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.5.0:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:5.5.1:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.0:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.1:*:ibm_zos:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.2:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.4:*:*:*:*:*:*:*
cpe:2.3:a:ssh:tectia_server:6.0.4:*:linux_ibm_zos:*:*:*:*:*

EPSS

Процентиль: 86%
0.03067
Низкий

2.6 Low

CVSS2

Дефекты

CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2008-5161

ubuntu
больше 16 лет назад

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

redhat логотип

CVE-2008-5161

redhat
больше 16 лет назад

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

debian логотип

CVE-2008-5161

debian
больше 16 лет назад

Error handling in the SSH protocol in (1) SSH Tectia Client and Server ...

github логотип

GHSA-c9pj-mwph-2xjm

github
около 3 лет назад

Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

oracle-oval логотип

ELSA-2009-1287

oracle-oval
почти 16 лет назад

ELSA-2009-1287: openssh security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 86%
0.03067
Низкий

2.6 Low

CVSS2

Дефекты

CWE-200
Уязвимость CVE-2008-5161