CVE-2005-2666

Severity

12%

Complexity

19%

Confidentiality

48%

SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.

SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.

CVSS 2.0 Base Score 1.2. CVSS Attack Vector: local. CVSS Attack Complexity: high. CVSS Vector: (AV:L/AC:H/Au:N/C:P/I:N/A:N).

Overview

Type

OpenBSD OpenSSH

First reported 19 years ago

2005-08-23 04:00:00

Last updated 7 years ago

2017-10-11 01:30:00

Affected Software

OpenBSD OpenSSH 3.0

3.0

OpenBSD OpenSSH 3.0.1

3.0.1

OpenBSD OpenSSH 3.0.1 p1

3.0.1p1

OpenBSD OpenSSH 3.0.2

3.0.2

OpenBSD OpenSSH 3.0.2p1

3.0.2p1

OpenBSD OpenSSH 3.0 p1

3.0p1

OpenBSD OpenSSH 3.1

3.1

OpenBSD OpenSSH 3.1 p1

3.1p1

OpenBSD OpenSSH 3.2

3.2

OpenBSD OpenSSH 3.2.2 p1

3.2.2p1

OpenBSD OpenSSH 3.2.3 p1

3.2.3p1

OpenBSD OpenSSH 3.3

3.3

OpenBSD OpenSSH 3.3 p1

3.3p1

OpenBSD OpenSSH 3.4

3.4

OpenBSD OpenSSH 3.4 p1

3.4p1

OpenBSD OpenSSH 3.5

3.5

OpenBSD OpenSSH 3.5 p1

3.5p1

OpenBSD OpenSSH 3.6

3.6

OpenBSD OpenSSH 3.6.1

3.6.1

OpenBSD OpenSSH 3.6.1 p1

3.6.1p1

OpenBSD OpenSSH 3.6.1 p2

3.6.1p2

OpenBSD OpenSSH 3.7

3.7

OpenBSD OpenSSH 3.7.1

3.7.1

OpenBSD OpenSSH 3.7.1 p2

3.7.1p2

OpenBSD OpenSSH 3.8

3.8

OpenBSD OpenSSH 3.8.1

3.8.1

OpenBSD OpenSSH 3.8.1 p1

3.8.1p1

OpenBSD OpenSSH 3.9

3.9

OpenBSD OpenSSH 3.9.1

3.9.1

OpenBSD OpenSSH 3.9.1 p1

3.9.1p1

References

SCOSA-2006.11

http://nms.csail.mit.edu/projects/ssh/

Patch

19243

25098

http://www.eweek.com/article2/0,1759,1815795,00.asp

RHSA-2007:0257

oval:org.mitre.oval:def:10201

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.