1. CVE-Search
  2. CVE-2001-1382
ID CVE-2001-1382
Summary The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.
References
Vulnerable Configurations
  • cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 05-09-2008 - 20:26)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:N/A:N
refmap via4
confirm http://www.openwall.com/Owl/CHANGES-stable.shtml
osvdb 5408
Last major update 05-09-2008 - 20:26
Published 27-09-2001 - 04:00
Last modified 05-09-2008 - 20:26
Back to Top