SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/786900 | Third Party Advisory US Government Resource |
https://exchange.xforce.ibmcloud.com/vulnerabilities/6604 |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2001-01-18 05:00
Updated : 2024-02-28 10:24
NVD link : CVE-2001-1474
Mitre link : CVE-2001-1474
CVE.ORG link : CVE-2001-1474
JSON object : View
Products Affected
ssh
- ssh
CWE