CVE-2001-1473

Name of the Vulnerable Software and Affected Versions OpenSSH (affected versions not specified)

Description The issue allows remote servers to conduct man-in-the-middle attacks by exploiting the SSH-1 protocol. This is done by creating a Session ID that matches the target server's Session ID but uses a weaker public key pair. The attacker can then compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.