This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
Summuary | |
---|---|
CPE Name | cpe:/a:ssh:ssh:1.2.30 |
Detail | |||
---|---|---|---|
Vendor | Ssh | First view | 2000-02-24 |
Product | Ssh | Last view | 2011-05-31 |
Version | 1.2.30 | Type | Application |
Edition | |||
Language | |||
Update | |||
CPE Product | cpe:/a:ssh:ssh |
Activity : Overall
Related : CVE
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
7.8 | 2011-05-31 | CVE-2011-0766 | Network | Low | None Requ... | |
7.2 | 2002-12-31 | CVE-2002-1715 | Local | Low | None Requ... | |
7.5 | 2001-08-22 | CVE-2001-0572 | Network | Low | None Requ... | |
7.5 | 2001-06-27 | CVE-2001-0471 | Network | Low | None Requ... | |
4 | 2001-06-27 | CVE-2001-0361 | Network | High | None Requ... | |
Date | Alert | Access Vector | Access Complexity | Authentication | ||
---|---|---|---|---|---|---|
3.6 | 2001-06-02 | CVE-2001-0259 | Local | Low | None Requ... | |
10 | 2001-03-12 | CVE-2001-0144 | Network | Low | None Requ... | |
7.5 | 2001-01-18 | CVE-2001-1476 | Network | Low | None Requ... | |
7.5 | 2001-01-18 | CVE-2001-1475 | Network | Low | None Requ... | |
5 | 2001-01-18 | CVE-2001-1474 | Network | Low | None Requ... | |
7.5 | 2001-01-18 | CVE-2001-1473 | Network | Low | None Requ... | |
5 | 2001-01-18 | CVE-2001-1470 | Network | Low | None Requ... | |
5 | 2001-01-18 | CVE-2001-1469 | Network | Low | None Requ... | |
5 | 2000-12-19 | CVE-2000-0992 | Network | Low | None Requ... | |
5.1 | 2000-02-24 | CVE-2000-0217 | Network | High | None Requ... |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
100% (3) | CWE-310 | Cryptographic Issues |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:5397 | Multiple Vendor SSH Buffer Overflow Vulnerability |
oval:org.mitre.oval:def:5729 | Multiple Vendor SSH 1.5 Session Key Recovery Vulnerability |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
73264 | Erlang/OTP SSH Predictable Seed Insecure Random Number Generator Weakness |
23589 | SSH Directory Permission Weakness Restricted Shell Bypass |
18235 | SSH RC4 with Password Authentication Message Reply Forced Server Key Generation |
18234 | SSH RC4 User Session Replay Password Portion Enumeration |
18232 | SSH-1 Protocol Duplicate Session ID Client Challenge Response Replay |
id | Description |
---|---|
18231 | SSH localhost Connection Host Key Check Bypass |
18230 | SSH-1 Protocol RC4 Stream Cipher CRC XOR Arbitrary Packet Modification |
18229 | SSH-1 Protocol IDEA Cipher Final Block CRC Modification |
8038 | SSH-1 Account Login Attempt Logging Failure |
6471 | SSH ssh-keygen with Secure-RPC SUN-DES-1 Phrase Recovery |
3562 | SSH Traffic Analysis Connection Attributes Disclosure |
3561 | Cisco Devices SSH Password Length Disclosure |
2116 | PKCS 1 Version 1.5 Session Key Retrieval (Bleichenbacher Attack) |
1586 | sshd scp Traversal Arbitrary File Overwrite |
1229 | SSH client xauth Session Hijacking |
795 | Multiple Vendor SSH CRC-32 detect_attack() Function Overflow |
OpenVAS Exploits
id | Description |
---|---|
2011-10-14 | Name : SSH SSH-1 Protocol Authentication Bypass Vulnerability File : nvt/gb_ssh_authentication_bypass_vuln.nasl |
2011-09-09 | Name : OpenSSH Ciphersuite Specification Information Disclosure Weakness File : nvt/gb_openssh_49473.nasl |
2011-08-03 | Name : FreeBSD Ports: erlang File : nvt/freebsd_erlang.nasl |
2011-08-02 | Name : Fedora Update for erlang FEDORA-2011-9598 File : nvt/gb_fedora_2011_9598_erlang_fc15.nasl |
2011-08-02 | Name : Fedora Update for erlang FEDORA-2011-9657 File : nvt/gb_fedora_2011_9657_erlang_fc14.nasl |
id | Description |
---|---|
2008-01-17 | Name : Debian Security Advisory DSA 023-1 (inn2) File : nvt/deb_023_1.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 086-1 (ssh-nonfree, ssh-socks) File : nvt/deb_086_1.nasl |
2005-11-03 | Name : SSH1 SSH Daemon Logging Failure File : nvt/ssh_bruteforce.nasl |
2005-11-03 | Name : SSH Secure-RPC Weak Encrypted Authentication File : nvt/ssh_keygen.nasl |
2005-11-03 | Name : PKCS 1 Version 1.5 Session Key Retrieval File : nvt/ssh_pkcs.nasl |
2005-11-03 | Name : scp File Create/Overwrite File : nvt/ssh_scp.nasl |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | ssh CRC32 overflow RuleID : 1327-community - Type : INDICATOR-SHELLCODE - Revision : 14 |
2014-01-10 | ssh CRC32 overflow RuleID : 1327 - Type : INDICATOR-SHELLCODE - Revision : 14 |
2014-01-10 | ssh CRC32 overflow NOOP RuleID : 1326-community - Type : INDICATOR-SHELLCODE - Revision : 13 |
2014-01-10 | ssh CRC32 overflow NOOP RuleID : 1326 - Type : INDICATOR-SHELLCODE - Revision : 13 |
2014-01-10 | ssh CRC32 overflow filler RuleID : 1325-community - Type : INDICATOR-SHELLCODE - Revision : 14 |
Date | Description |
---|---|
2014-01-10 | ssh CRC32 overflow filler RuleID : 1325 - Type : INDICATOR-SHELLCODE - Revision : 14 |
2014-01-10 | ssh CRC32 overflow /bin/sh RuleID : 1324-community - Type : INDICATOR-SHELLCODE - Revision : 12 |
2014-01-10 | ssh CRC32 overflow /bin/sh RuleID : 1324 - Type : INDICATOR-SHELLCODE - Revision : 12 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2011-10-04 | Name : The remote host has an application installed that is affected by a session hi... File : openssh_123.nasl - Type : ACT_GATHER_INFO |
2011-10-04 | Name : Remote attackers may be able to infer information about traffic inside an SSH... File : openssh_252.nasl - Type : ACT_GATHER_INFO |
2011-08-29 | Name : The SSH service running on the remote host has an information disclosure vuln... File : sunssh_plaintext_recovery.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9598.nasl - Type : ACT_GATHER_INFO |
2011-08-01 | Name : The remote Fedora host is missing a security update. File : fedora_2011-9657.nasl - Type : ACT_GATHER_INFO |
id | Description |
---|---|
2011-05-26 | Name : The remote FreeBSD host is missing a security-related update. File : freebsd_pkg_e483392786e511e0a6b4000a5e1e33c6.nasl - Type : ACT_GATHER_INFO |
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch File : cisco-sa-20010627-sshhttp.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-023.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-027.nasl - Type : ACT_GATHER_INFO |
2004-09-29 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-086.nasl - Type : ACT_GATHER_INFO |
2004-09-18 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2001-033.nasl - Type : ACT_GATHER_INFO |
2003-03-10 | Name : The remote SSH server does not properly log repeated logins attempts. File : ssh_bruteforce.nasl - Type : ACT_GATHER_INFO |
2003-03-10 | Name : The remote SSH server might allow a local user to recover a SUN-DES-1 passphr... File : ssh_keygen.nasl - Type : ACT_GATHER_INFO |
2003-03-10 | Name : The remote host has an application that is affected by a directory traversal ... File : ssh_scp.nasl - Type : ACT_GATHER_INFO |
2002-06-05 | Name : The remote network device is running an SSH server with multiple vulnerabilit... File : cisco_ssh_multiple_vulns.nasl - Type : ACT_GATHER_INFO |
2002-03-06 | Name : The remote service offers an insecure cryptographic protocol. File : ssh1_proto_enabled.nasl - Type : ACT_GATHER_INFO |
2001-02-09 | Name : It is possible to execute arbitrary code on the remote host. File : ssh_crc32.nasl - Type : ACT_GATHER_INFO |