CVE-2001-1382Openssh vulnerability

3 documents3 sources
Severity
5.0MEDIUMNVD
EPSS
1.5%
top 19.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Openbsd Openssh
Timeline
PublishedSep 27
Latest updateApr 30

Description

The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

NVDopenbsd/openssh2.9.9p2

🔴Vulnerability Details

2
GHSA
GHSA-pw45-4wv8-37wm: The "echo simulation" traffic analysis countermeasure in OpenSSH before 22022-04-30
CVEList
CVE-2001-1382: The "echo simulation" traffic analysis countermeasure in OpenSSH before 22003-04-02
CVE-2001-1382 — Openbsd Openssh vulnerability | cvebase