The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
References
Link | Resource |
---|---|
http://www.openwall.com/Owl/CHANGES-stable.shtml | Vendor Advisory |
http://www.osvdb.org/5408 |
Configurations
History
No history.
Information
Published : 2001-09-27 04:00
Updated : 2024-02-28 10:24
NVD link : CVE-2001-1382
Mitre link : CVE-2001-1382
CVE.ORG link : CVE-2001-1382
JSON object : View
Products Affected
openbsd
- openssh
CWE