CVE-2004-1357 — Solaris vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

5.0%

top 10.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

SUN Solaris

Timeline

PublishedApr 7

Latest updateApr 29

Description

The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDsun/solaris9.0

Patches

Patch: secunia.com ↗Patch: sunsolve.sun.com ↗Patch: www.auscert.org.au ↗

🔴Vulnerability Details

GHSA

GHSA-xmv4-8r32-2jcg: The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0↗2022-04-29

▶

CVEList

CVE-2004-1357: The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0↗2005-01-19

▶