CVE-2001-1474

SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
References
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*

History

No history.

Information

Published : 2001-01-18 05:00

Updated : 2024-02-28 10:24


NVD link : CVE-2001-1474

Mitre link : CVE-2001-1474

CVE.ORG link : CVE-2001-1474


JSON object : View

Products Affected

ssh

  • ssh