Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 12/06/1998 Updated: 18/10/2016

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote malicious users to insert arbitrary data into an existing stream between an SSH client and server by using a known plaintext attack and computing a valid CRC-32 checksum for the packet, aka the "SSH insertion attack."

Vulnerable Product	Search on Vulmon	Subscribe to Product
ssh secure shell 1.2.23
ssh secure shell 1.2.25

NVD-CWE-Other http://www.kb.cert.org/vuls/id/13877 http://www.iss.net/security_center/static/1126.php http://marc.info/?l=bugtraq&m=90221103125884&w=2 http://marc.info/?l=bugtraq&m=90221104525878&w=2 https://nvd.nist.gov https://www.kb.cert.org/vuls/id/13877

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-1999-1085

Vulnerability Summary

References

Vulmon Search

About

Products

Connect