PT-2001-2496 · Openssh+1 · Openssh+1

Published

2001-09-27

Updated

2024-07-08

CVE-2001-1382

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenSSH versions prior to 2.9.9p2

Description The issue concerns the "echo simulation" traffic analysis countermeasure in OpenSSH. This countermeasure sends an additional echo packet after the password and carriage return is entered. As a result, remote attackers could determine that the countermeasure is being used.

Recommendations For versions prior to 2.9.9p2, update to version 2.9.9p2 or later to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2024-3921

ALT-PU-2024-4077

ALT-PU-2024-4467

ALT-PU-2024-9513

CVE-2001-1382

Affected Products

Alt Linux

Openssh

PT-2001-2496 · Openssh+1 · Openssh+1

CVE-2001-1382

Related Identifiers

Affected Products

References · 352