CVE-2008-5161
published 2008-11-19CVE-2008-5161: Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and…
PriorityP432low3.7CVSS 3.1
AVNACHPRNUINSUCLINAN
EXPLOIT
EPSS
15.39%
96.4th percentile
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Affected
165 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | < openssh 1:5.1p1-5 (bookworm) | openssh 1:5.1p1-5 (bookworm) |
| openbsd | openssh | — | — |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
| ssh | tectia_client | — | — |
CVSS provenance
nvdv3.13.7LOWCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
nvdv2.02.6LOWAV:N/AC:H/Au:N/C:P/I:N/A:N
osv2.6LOW
vendor_debian2.6LOW
vendor_redhat2.6LOW
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
OpenSSH: Plaintext Recovery Attack against CBC ciphers
vendor_redhat·2008-11-19·CVSS 2.6
CVE-2008-5161 [LOW] OpenSSH: Plaintext Recovery Attack against CBC ciphers
OpenSSH: Plaintext Recovery Attack against CBC ciphers
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Statement: This issue was addressed for Red Hat Enterprise Linux 5 by
https://rhn.redhat.com/errata/RHSA-2009-1
Debian
CVE-2008-5161: openssh - Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Conne...
vendor_debian·2008·CVSS 2.6
CVE-2008-5161 [LOW] CVE-2008-5161: openssh - Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Conne...
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Scope: local
bookworm: resolved (fixed in 1:5.1p1-5)
bullseye: resolved (fixed in 1:5.1p1-5)
forky: resolved (fixed in 1:5.1p1-5)
sid: resolved (fixed in 1:5.1p1-5)
tri
GHSA
GHSA-c9pj-mwph-2xjm: Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4
ghsa_unreviewed·2022-05-14
CVE-2008-5161 [LOW] CWE-200 GHSA-c9pj-mwph-2xjm: Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
OSV
CVE-2008-5161: Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4
osv·2008-11-19·CVSS 2.6
CVE-2008-5161 [LOW] CVE-2008-5161: Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
No detection rules found.
http://isc.sans.org/diary.html?storyid=5366http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.htmlhttp://marc.info/?l=bugtraq&m=125017764422557&w=2http://openssh.org/txt/cbc.advhttp://osvdb.org/49872http://osvdb.org/50035http://osvdb.org/50036http://rhn.redhat.com/errata/RHSA-2009-1287.htmlhttp://secunia.com/advisories/32740http://secunia.com/advisories/32760http://secunia.com/advisories/32833http://secunia.com/advisories/33121http://secunia.com/advisories/33308http://secunia.com/advisories/34857http://secunia.com/advisories/36558http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1http://support.apple.com/kb/HT3937http://support.attachmate.com/techdocs/2398.htmlhttp://support.avaya.com/elmodocs2/security/ASA-2008-503.htmhttp://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txthttp://www.kb.cert.org/vuls/id/958563http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.htmlhttp://www.securityfocus.com/archive/1/498558/100/0/threadedhttp://www.securityfocus.com/archive/1/498579/100/0/threadedhttp://www.securityfocus.com/bid/32319http://www.securitytracker.com/id?1021235http://www.securitytracker.com/id?1021236http://www.securitytracker.com/id?1021382http://www.ssh.com/company/news/article/953/http://www.vupen.com/english/advisories/2008/3172http://www.vupen.com/english/advisories/2008/3173http://www.vupen.com/english/advisories/2008/3409http://www.vupen.com/english/advisories/2009/1135http://www.vupen.com/english/advisories/2009/3184https://exchange.xforce.ibmcloud.com/vulnerabilities/46620https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667https://kc.mcafee.com/corporate/index?page=content&id=SB10106https://kc.mcafee.com/corporate/index?page=content&id=SB10163https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279http://isc.sans.org/diary.html?storyid=5366http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.htmlhttp://marc.info/?l=bugtraq&m=125017764422557&w=2http://openssh.org/txt/cbc.advhttp://osvdb.org/49872http://osvdb.org/50035http://osvdb.org/50036http://rhn.redhat.com/errata/RHSA-2009-1287.htmlhttp://secunia.com/advisories/32740http://secunia.com/advisories/32760http://secunia.com/advisories/32833http://secunia.com/advisories/33121http://secunia.com/advisories/33308http://secunia.com/advisories/34857http://secunia.com/advisories/36558http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1http://support.apple.com/kb/HT3937http://support.attachmate.com/techdocs/2398.htmlhttp://support.avaya.com/elmodocs2/security/ASA-2008-503.htmhttp://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txthttp://www.kb.cert.org/vuls/id/958563http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.htmlhttp://www.securityfocus.com/archive/1/498558/100/0/threadedhttp://www.securityfocus.com/archive/1/498579/100/0/threadedhttp://www.securityfocus.com/bid/32319http://www.securitytracker.com/id?1021235http://www.securitytracker.com/id?1021236http://www.securitytracker.com/id?1021382http://www.ssh.com/company/news/article/953/http://www.vupen.com/english/advisories/2008/3172http://www.vupen.com/english/advisories/2008/3173http://www.vupen.com/english/advisories/2008/3409http://www.vupen.com/english/advisories/2009/1135http://www.vupen.com/english/advisories/2009/3184https://exchange.xforce.ibmcloud.com/vulnerabilities/46620https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667https://kc.mcafee.com/corporate/index?page=content&id=SB10106https://kc.mcafee.com/corporate/index?page=content&id=SB10163https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279
2008-11-19
Published