CVE-2005-2666 — Openssh vulnerability

CWE-2558 documents7 sources

Severity

1.2LOWNVD

EPSS

0.1%

top 77.94%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedAug 23

Latest updateMay 3

Description

SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.

CVSS vector

AV:L/AC:H/C:P/I:N/A:NExploitability: 1.9 | Impact: 2.9

Affected Packages2 packages

▶Debianopenbsd/openssh< 1:4.0p1-1+3

▶NVDopenbsd/openssh30 versions+29

Patches

Patch: nms.csail.mit.edu ↗Patch: nms.csail.mit.edu ↗

🔴Vulnerability Details

GHSA

GHSA-rfm3-rfv4-crj6: SSH, as implemented in OpenSSH before 4↗2022-05-03

▶

CVEList

CVE-2005-2666: SSH, as implemented in OpenSSH before 4↗2005-08-23

▶

OSV

CVE-2005-2666: SSH, as implemented in OpenSSH before 4↗2005-08-23

▶

📋Vendor Advisories

Red Hat

openssh vulnerable to known_hosts address harvesting↗2005-07-07

▶

Debian

CVE-2005-2666: openssh - SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, st...↗2005

▶

💬Community

Bugzilla

CVE-2005-2666 openssh vulnerable to known_hosts address harvesting↗2007-02-19

▶

Bugzilla

CVE-2005-2666 openssh vulnerable to known_hosts address harvesting↗2005-07-07

▶