Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

ssh ssh 1.2.24 vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2

CVE-2001-1469

The RC4 stream cipher as used by SSH1 allows remote malicious users to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30Ssh Ssh 1.2.31
5
CVSSv2

CVE-2001-1470

The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote malicious users to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30Ssh Ssh 1.2.31
7.5
CVSSv2

CVE-2001-1473

The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's publi...
Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30Ssh Ssh 1.2.31
5
CVSSv2

CVE-2001-1474

SSH prior to 2.0 disables host key checking when connecting to the localhost, which allows remote malicious users to silently redirect connections to the localhost by poisoning the client's DNS cache.
Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30Ssh Ssh 1.2.31
7.5
CVSSv2

CVE-2001-1475

SSH prior to 2.0, when using RC4 and password authentication, allows remote malicious users to replay messages until a new server key (VK) is generated.
Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30Ssh Ssh 1.2.31
7.5
CVSSv2

CVE-2001-1476

SSH prior to 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote malicious users to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on wh...
Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30Ssh Ssh 1.2.31
7.5
CVSSv2

CVE-2001-0572

The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote malicious user to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password gu...
Openbsd Openssh 4.5Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30Ssh Ssh 1.2.31
10
CVSSv2

CVE-2001-0144

CORE SDI SSH1 CRC-32 compensation attack detector allows remote malicious users to execute arbitrary commands on an SSH server or client via an integer overflow.
Openbsd Openssh 1.2.2Openbsd Openssh 1.2.3Openbsd Openssh 2.1Openbsd Openssh 2.1.1Openbsd Openssh 2.2Ssh Ssh 1.2.24Ssh Ssh 1.2.25Ssh Ssh 1.2.26Ssh Ssh 1.2.27Ssh Ssh 1.2.28Ssh Ssh 1.2.29Ssh Ssh 1.2.30
5
CVSSv2

CVE-2000-0992

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
Openbsd Openssh 1.2Openbsd Openssh 1.2.3Ssh Ssh 1.2.14Ssh Ssh 1.2.15Ssh Ssh 1.2.16Ssh Ssh 1.2.17Ssh Ssh 1.2.18Ssh Ssh 1.2.19Ssh Ssh 1.2.20Ssh Ssh 1.2.21Ssh Ssh 1.2.22Ssh Ssh 1.2.23
4.6
CVSSv2

CVE-2000-0143

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
Openbsd OpensshOpenbsd Openssh 1.2Ssh Ssh 1.2.0Ssh Ssh 1.2.1Ssh Ssh 1.2.2Ssh Ssh 1.2.3Ssh Ssh 1.2.4Ssh Ssh 1.2.5Ssh Ssh 1.2.6Ssh Ssh 1.2.7Ssh Ssh 1.2.8Ssh Ssh 1.2.9
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-29362CVE-2025-29359rising technosoftcode injectionXML injectionCVE-2025-24201vimlocal file inclusionCVE-2025-25292CVE-2024-13376devolutionssiemensCVE-2025-1257
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook