CVE-2008-5161
published 2008-11-19

Priority: P4 · 32 · low · 3.7 (CVSS 3.1)
Vector: AV:N / AC:H / PR:N / UI:N / S:U / C:L / I:N / A:N
EXPLOIT
EPSS: 15.39% (96.4th percentile)
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.

Affected

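165 ranges · showing 25

| Vendor | Product | Version range | Fixed in |
| --- | --- | --- | --- |
| debian | openssh | < openssh 1:5.1p1-5 (bookworm) | openssh 1:5.1p1-5 (bookworm) |
| openbsd | openssh | | |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| openbsd | openssh | >= 0 < 1:5.1p1-5 | 1:5.1p1-5 |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |
| ssh | tectia_client | | |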

CVSS provenance

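| Source | Version | Score | Severity | Vector |
| --- | --- | --- | --- | --- |
| nvd | v3.1 | 3.7 | LOW | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | v2.0 | 2.6 | LOW | AV:N/AC:H/Au:N/C:P/I:N/A:N |
| osv | | 2.6 | LOW | |
| vendor_debian | | 2.6 | LOW | |
| vendor_redhat | | 2.6 | LOW | |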