The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
References
Link | Resource |
---|---|
http://www.openwall.com/Owl/CHANGES-stable.shtml | Vendor Advisory |
http://www.osvdb.org/5408 | |
http://www.openwall.com/Owl/CHANGES-stable.shtml | Vendor Advisory |
http://www.osvdb.org/5408 |
Configurations
History
20 Nov 2024, 23:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/Owl/CHANGES-stable.shtml - Vendor Advisory | |
References | () http://www.osvdb.org/5408 - |
Information
Published : 2001-09-27 04:00
Updated : 2024-11-20 23:37
NVD link : CVE-2001-1382
Mitre link : CVE-2001-1382
CVE.ORG link : CVE-2001-1382
JSON object : View
Products Affected
openbsd
- openssh
CWE