SSH Secure-RPC Weak Encrypted Authentication Vulnerability

Bugtraq ID: 2222
Class: Design Error
CVE:
Remote: No
Local: Yes
Published: Jan 16 2001 12:00AM
Updated: Jan 16 2001 12:00AM
Credit: This vulnerability was discovered by Richard Silverman <slade@shore.net>, and first announced by SSH Communications Security in an advisory posted to Bugtraq on January 16, 2001.
Vulnerable: SSH Communications Security SSH 1.2.30
- BSDI BSD/OS 4.0.1
- BSDI BSD/OS 4.0
- BSDI BSD/OS 3.1
- Caldera OpenLinux 2.4
- Debian Linux 2.2
- Digital (Compaq) TRU64/DIGITAL UNIX 5.0
- Digital (Compaq) TRU64/DIGITAL UNIX 4.0 g
 - FreeBSD FreeBSD 4.2
- FreeBSD FreeBSD 3.5.1
- HP HP-UX 11.11
- HP HP-UX 11.0
- HP HP-UX 10.20
- IBM AIX 4.3.3
- IBM AIX 4.3.2
- IBM AIX 4.3.1
- Mandriva Linux Mandrake 7.2
- Mandriva Linux Mandrake 7.1
- Mandriva Linux Mandrake 7.0
- OpenBSD OpenBSD 2.8
- Red Hat Linux 6.2
 - RedHat Linux 7.0
- S.u.S.E. Linux 7.0
- S.u.S.E. Linux 6.4
- SCO eDesktop 2.4
- SCO eServer 2.3.1
- Sun Solaris 2.5.1
- Sun Solaris 8_sparc
 - Sun Solaris 7.0
 - Sun Solaris 2.6
 SSH Communications Security SSH 1.2.29
SSH Communications Security SSH 1.2.28
SSH Communications Security SSH 1.2.27
- Debian Linux 2.2 sparc
 - Debian Linux 2.2 powerpc
 - Debian Linux 2.2 arm
 - Debian Linux 2.2 alpha
 - Debian Linux 2.2 68k
 - Debian Linux 2.2
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus