CVE-2001-1474

SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*

History

20 Nov 2024, 23:37

Type Values Removed Values Added
References () http://www.kb.cert.org/vuls/id/786900 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/786900 - Third Party Advisory, US Government Resource
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/6604 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/6604 -

Information

Published : 2001-01-18 05:00

Updated : 2024-11-20 23:37


NVD link : CVE-2001-1474

Mitre link : CVE-2001-1474

CVE.ORG link : CVE-2001-1474


JSON object : View

Products Affected

ssh

  • ssh