CVE-2001-0259

Name of the Vulnerable Software and Affected Versions ssh versions 1.2.27 through 1.2.30

Description The issue allows local attackers to recover a SUN-DES-1 magic phrase generated by another user. This magic phrase can then be used to decrypt the user's private key file.

Recommendations For versions 1.2.27 through 1.2.30, consider restricting access to the ssh-keygen utility until a fix is available. As a temporary workaround, users should be cautious when using Secure-RPC to generate SUN-DES-1 magic phrases.