| |
Vulnerability CVE-2005-2146
Published: 2005-07-05 Modified: 2012-02-12
| Description: |
SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server. |
CVSS2 => (AV:L/AC:L/Au:N/C:P/I:P/A:P)
| CVSS Base Score |
Impact Subscore |
Exploitability Subscore |
4.6/10 |
6.4/10 |
3.9/10 |
| Exploit range |
Attack complexity |
Authentication |
Local |
Low |
No required |
| Confidentiality impact |
Integrity impact |
Availability impact |
Partial |
Partial |
Partial |
References: |
http://www.ssh.com/company/newsroom/article/653/
http://secunia.com/advisories/15894
|
|
|
Copyright 2024, cxsecurity.com
|
|
|
