1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
PublicDate: 2005-08-23
Candidate: CVE-2005-2666
References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2666
Description:
SSH, as implemented in OpenSSH before 4.0 and possibly other
implementations, stores hostnames, IP addresses, and keys in plaintext in
the known_hosts file, which makes it easier for an attacker that has
compromised an SSH user's account to generate a list of additional targets
that are more likely to have the same password or key.
Ubuntu-Description:
Notes:
Bugs:
dapper_openssh: not-affected
edgy_openssh: not-affected
feisty_openssh: not-affected
devel_openssh: released (4.6p1-5)
upstream_openssh:
|