CVE-2001-1473 (GCVE-0-2001-1473)

Vulnerability from cvelistv5 – Published: 2005-04-21 04:00 – Updated: 2024-08-08 04:58
VLAI?
Summary
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.
Severity ?
No CVSS data available.
CWE
  • n/a
Assigner
References
http://www.kb.cert.org/vuls/id/684820 third-party-advisoryx_refsource_CERT-VN
https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T04:58:11.370Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "VU#684820",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT-VN",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/684820"
          },
          {
            "name": "ssh-authentication-forwarding(6603)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6603"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2001-01-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target\u0027s public key, which allows the attacker to compute the corresponding private key and use the target\u0027s Session ID with the compromised key pair to masquerade as the target."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "VU#684820",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT-VN"
          ],
          "url": "http://www.kb.cert.org/vuls/id/684820"
        },
        {
          "name": "ssh-authentication-forwarding(6603)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6603"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2001-1473",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target\u0027s public key, which allows the attacker to compute the corresponding private key and use the target\u0027s Session ID with the compromised key pair to masquerade as the target."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "VU#684820",
              "refsource": "CERT-VN",
              "url": "http://www.kb.cert.org/vuls/id/684820"
            },
            {
              "name": "ssh-authentication-forwarding(6603)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/6603"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2001-1473",
    "datePublished": "2005-04-21T04:00:00",
    "dateReserved": "2005-04-21T00:00:00",
    "dateUpdated": "2024-08-08T04:58:11.370Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B0EDBA45-FDEE-4D4B-A6FF-7E953B523DAE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7AF5BDEF-E86B-4F4D-AF6D-B27044A96B1E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7D0FF07F-E13B-425F-9892-C50B326B2944\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"338EDA76-05D6-48C0-952E-6244A5F206F3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F719468E-A218-4EB5-9F8D-7841E84F44C8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E4FCD36-0009-4A93-A190-8FDD11C672CA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"71727854-1B75-465F-AF8C-DFE6EFF46B40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"64B76EA2-D3A6-4751-ADE6-998C2A7B44FA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target\u0027s public key, which allows the attacker to compute the corresponding private key and use the target\u0027s Session ID with the compromised key pair to masquerade as the target.\"}]",
      "id": "CVE-2001-1473",
      "lastModified": "2024-11-20T23:37:46.690",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": true, \"userInteractionRequired\": false}]}",
      "published": "2001-01-18T05:00:00.000",
      "references": "[{\"url\": \"http://www.kb.cert.org/vuls/id/684820\", \"source\": \"cve@mitre.org\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/6603\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.kb.cert.org/vuls/id/684820\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"US Government Resource\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/6603\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-310\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2001-1473\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2001-01-18T05:00:00.000\",\"lastModified\":\"2025-04-03T01:03:51.193\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target\u0027s public key, which allows the attacker to compute the corresponding private key and use the target\u0027s Session ID with the compromised key pair to masquerade as the target.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":true,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-310\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B0EDBA45-FDEE-4D4B-A6FF-7E953B523DAE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7AF5BDEF-E86B-4F4D-AF6D-B27044A96B1E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7D0FF07F-E13B-425F-9892-C50B326B2944\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"338EDA76-05D6-48C0-952E-6244A5F206F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F719468E-A218-4EB5-9F8D-7841E84F44C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E4FCD36-0009-4A93-A190-8FDD11C672CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"71727854-1B75-465F-AF8C-DFE6EFF46B40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"64B76EA2-D3A6-4751-ADE6-998C2A7B44FA\"}]}]}],\"references\":[{\"url\":\"http://www.kb.cert.org/vuls/id/684820\",\"source\":\"cve@mitre.org\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/6603\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/684820\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"US Government Resource\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/6603\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.