Page 4 of 20 results (0.004 seconds)

CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0

SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated. • http://www.kb.cert.org/vuls/id/665372 https://exchange.xforce.ibmcloud.com/vulnerabilities/6490 •

CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0

The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message. • http://www.kb.cert.org/vuls/id/315308 https://exchange.xforce.ibmcloud.com/vulnerabilities/6472 •

CVSS: 5.0EPSS: 0%CPEs: 20EXPL: 3

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. • https://www.exploit-db.com/exploits/20253 http://archives.neohapsis.com/archives/bugtraq/2000-09/0359.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:057 http://www.securityfocus.com/bid/1742 https://exchange.xforce.ibmcloud.com/vulnerabilities/5312 •

CVSS: 5.1EPSS: 0%CPEs: 46EXPL: 0

The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. • http://www.securityfocus.com/bid/1006 •

CVSS: 4.6EPSS: 0%CPEs: 30EXPL: 0

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0143 •