PT-2001-2496 · Openssh+1 · Openssh+1

Publicado

2001-09-27

Atualizado

2024-07-08

CVE-2001-1382

CVSS v2.0

5.0

Média

Vetor

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 2.9.9p2

Description The issue concerns the "echo simulation" traffic analysis countermeasure in OpenSSH. This countermeasure sends an additional echo packet after the password and carriage return is entered. As a result, remote attackers could determine that the countermeasure is being used.

Recommendations For versions prior to 2.9.9p2, update to version 2.9.9p2 or later to resolve the issue.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

CVE-2001-1382

Produtos afetados

Alt Linux

Openssh

PT-2001-2496 · Openssh+1 · Openssh+1

CVE-2001-1382

Identificadores relacionados

Produtos afetados

Referências · 352