CVE-2001-1475

Name of the Vulnerable Software and Affected Versions SSH versions prior to 2.0

Description The issue allows remote attackers to replay messages until a new server key is generated, when using RC4 and password authentication.

Recommendations For SSH versions prior to 2.0, consider updating to version 2.0 or later to resolve the issue. As a temporary workaround, consider regenerating the server key (VK) more frequently to minimize the risk of exploitation. Restrict access to password authentication using RC4 to minimize the risk of exploitation.