Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
1.2
CVSSv2

CVE-2005-2666

Published: 23/08/2005 Updated: 07/11/2023
CVSS v2 Base Score: 1.2 | Impact Score: 2.9 | Exploitability Score: 1.9
VMScore: 107
Vector: AV:L/AC:H/Au:N/C:P/I:N/A:N
Subscribe to Openssh

Vulnerability Summary

SSH, as implemented in OpenSSH prior to 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.

Vulnerable Product Search on Vulmon Subscribe to Product

openbsd openssh 3.8

openbsd openssh 3.8.1p1

openbsd openssh 3.1

openbsd openssh 3.0.2p1

openbsd openssh 3.8.1

openbsd openssh 3.7.1p2

openbsd openssh 3.2.3p1

openbsd openssh 3.1p1

openbsd openssh 3.6.1p2

openbsd openssh 3.9

openbsd openssh 3.0

openbsd openssh 3.2

openbsd openssh 3.6

openbsd openssh 3.7

openbsd openssh 3.5p1

openbsd openssh 3.0.1p1

openbsd openssh 3.3

openbsd openssh 3.2.2p1

openbsd openssh 3.9.1p1

openbsd openssh 3.0.2

openbsd openssh 3.4p1

openbsd openssh 3.6.1p1

openbsd openssh 3.0.1

openbsd openssh 3.6.1

openbsd openssh 3.7.1

openbsd openssh 3.4

openbsd openssh 3.5

openbsd openssh 3.0p1

openbsd openssh 3.3p1

openbsd openssh 3.9.1

References

CWE-255http://nms.csail.mit.edu/projects/ssh/ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txthttp://secunia.com/advisories/19243http://www.redhat.com/support/errata/RHSA-2007-0257.htmlhttp://secunia.com/advisories/25098https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10201http://www.eweek.com/article2/0%2C1759%2C1815795%2C00.asphttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322cross-site request forgeryunauthorizedCVE-2024-33925reflected XSSCVE-2023-51580CVE-2023-51579CVE-2015-2051CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook