This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:ssh:ssh:1.2.31
Detail
VendorSshFirst view 2000-02-24
ProductSshLast view 2011-05-31
Version1.2.31TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:ssh:ssh

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
7.8 2011-05-31 CVE-2011-0766 Network Low None Requ...
7.2 2002-12-31 CVE-2002-1715 Local Low None Requ...
7.5 2001-08-22 CVE-2001-0572 Network Low None Requ...
4 2001-06-27 CVE-2001-0361 Network High None Requ...
10 2001-03-12 CVE-2001-0144 Network Low None Requ...
Hide | Show 8 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
7.5 2001-01-18 CVE-2001-1476 Network Low None Requ...
7.5 2001-01-18 CVE-2001-1475 Network Low None Requ...
5 2001-01-18 CVE-2001-1474 Network Low None Requ...
7.5 2001-01-18 CVE-2001-1473 Network Low None Requ...
5 2001-01-18 CVE-2001-1470 Network Low None Requ...
5 2001-01-18 CVE-2001-1469 Network Low None Requ...
5 2000-12-19 CVE-2000-0992 Network Low None Requ...
5.1 2000-02-24 CVE-2000-0217 Network High None Requ...

CWE : Common Weakness Enumeration

%idName
100% (3)CWE-310Cryptographic Issues

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:5397Multiple Vendor SSH Buffer Overflow Vulnerability
oval:org.mitre.oval:def:5729Multiple Vendor SSH 1.5 Session Key Recovery Vulnerability

Open Source Vulnerability Database (OSVDB)

idDescription
73264Erlang/OTP SSH Predictable Seed Insecure Random Number Generator Weakness
23589SSH Directory Permission Weakness Restricted Shell Bypass
18235SSH RC4 with Password Authentication Message Reply Forced Server Key Generation
18234SSH RC4 User Session Replay Password Portion Enumeration
18232SSH-1 Protocol Duplicate Session ID Client Challenge Response Replay
Hide | Show 9 More...
idDescription
18231SSH localhost Connection Host Key Check Bypass
18230SSH-1 Protocol RC4 Stream Cipher CRC XOR Arbitrary Packet Modification
18229SSH-1 Protocol IDEA Cipher Final Block CRC Modification
3562SSH Traffic Analysis Connection Attributes Disclosure
3561Cisco Devices SSH Password Length Disclosure
2116PKCS 1 Version 1.5 Session Key Retrieval (Bleichenbacher Attack)
1586sshd scp Traversal Arbitrary File Overwrite
1229SSH client xauth Session Hijacking
795Multiple Vendor SSH CRC-32 detect_attack() Function Overflow

OpenVAS Exploits

idDescription
2011-10-14Name : SSH SSH-1 Protocol Authentication Bypass Vulnerability
File : nvt/gb_ssh_authentication_bypass_vuln.nasl
2011-09-09Name : OpenSSH Ciphersuite Specification Information Disclosure Weakness
File : nvt/gb_openssh_49473.nasl
2011-08-03Name : FreeBSD Ports: erlang
File : nvt/freebsd_erlang.nasl
2011-08-02Name : Fedora Update for erlang FEDORA-2011-9598
File : nvt/gb_fedora_2011_9598_erlang_fc15.nasl
2011-08-02Name : Fedora Update for erlang FEDORA-2011-9657
File : nvt/gb_fedora_2011_9657_erlang_fc14.nasl
Hide | Show 4 More...
idDescription
2008-01-17Name : Debian Security Advisory DSA 023-1 (inn2)
File : nvt/deb_023_1.nasl
2008-01-17Name : Debian Security Advisory DSA 086-1 (ssh-nonfree, ssh-socks)
File : nvt/deb_086_1.nasl
2005-11-03Name : PKCS 1 Version 1.5 Session Key Retrieval
File : nvt/ssh_pkcs.nasl
2005-11-03Name : scp File Create/Overwrite
File : nvt/ssh_scp.nasl

Snort® IPS/IDS

DateDescription
2014-01-10ssh CRC32 overflow
RuleID : 1327-community - Type : INDICATOR-SHELLCODE - Revision : 14
2014-01-10ssh CRC32 overflow
RuleID : 1327 - Type : INDICATOR-SHELLCODE - Revision : 14
2014-01-10ssh CRC32 overflow NOOP
RuleID : 1326-community - Type : INDICATOR-SHELLCODE - Revision : 13
2014-01-10ssh CRC32 overflow NOOP
RuleID : 1326 - Type : INDICATOR-SHELLCODE - Revision : 13
2014-01-10ssh CRC32 overflow filler
RuleID : 1325-community - Type : INDICATOR-SHELLCODE - Revision : 10
Hide | Show 3 More...
DateDescription
2014-01-10ssh CRC32 overflow filler
RuleID : 1325 - Type : INDICATOR-SHELLCODE - Revision : 10
2014-01-10ssh CRC32 overflow /bin/sh
RuleID : 1324-community - Type : INDICATOR-SHELLCODE - Revision : 12
2014-01-10ssh CRC32 overflow /bin/sh
RuleID : 1324 - Type : INDICATOR-SHELLCODE - Revision : 12

Nessus® Vulnerability Scanner

idDescription
2011-10-04Name : The remote host has an application installed that is affected by a session hi...
File : openssh_123.nasl - Type : ACT_GATHER_INFO
2011-10-04Name : Remote attackers may be able to infer information about traffic inside an SSH...
File : openssh_252.nasl - Type : ACT_GATHER_INFO
2011-08-29Name : The SSH service running on the remote host has an information disclosure vuln...
File : sunssh_plaintext_recovery.nasl - Type : ACT_GATHER_INFO
2011-08-01Name : The remote Fedora host is missing a security update.
File : fedora_2011-9598.nasl - Type : ACT_GATHER_INFO
2011-08-01Name : The remote Fedora host is missing a security update.
File : fedora_2011-9657.nasl - Type : ACT_GATHER_INFO
Hide | Show 10 More...
idDescription
2011-05-26Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_e483392786e511e0a6b4000a5e1e33c6.nasl - Type : ACT_GATHER_INFO
2010-09-01Name : The remote device is missing a vendor-supplied security patch
File : cisco-sa-20010627-sshhttp.nasl - Type : ACT_GATHER_INFO
2004-09-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-023.nasl - Type : ACT_GATHER_INFO
2004-09-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-027.nasl - Type : ACT_GATHER_INFO
2004-09-29Name : The remote Debian host is missing a security-related update.
File : debian_DSA-086.nasl - Type : ACT_GATHER_INFO
2004-09-18Name : The remote Mandrake Linux host is missing one or more security updates.
File : mandrake_MDKSA-2001-033.nasl - Type : ACT_GATHER_INFO
2003-03-10Name : The remote host has an application that is affected by a directory traversal ...
File : ssh_scp.nasl - Type : ACT_GATHER_INFO
2002-06-05Name : The remote network device is running an SSH server with multiple vulnerabilit...
File : cisco_ssh_multiple_vulns.nasl - Type : ACT_GATHER_INFO
2002-03-06Name : The remote service offers an insecure cryptographic protocol.
File : ssh1_proto_enabled.nasl - Type : ACT_GATHER_INFO
2001-02-09Name : It is possible to execute arbitrary code on the remote host.
File : ssh_crc32.nasl - Type : ACT_GATHER_INFO