Definition
New Search
SSH as implemented in OpenSSH before 4.0 and possibly other implementations stores hostnames IP addresses and keys in plaintext in the known_hosts file which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.
oval:org.mitre.oval:def:10201
SSH as implemented in OpenSSH before 4.0 and possibly other implementations stores hostnames IP addresses and keys in plaintext in the known_hosts file which makes it easier for an attacker that has compromised an SSH user's account to generate a list of additional targets that are more likely to have the same password or key.
Family:
unix
Status:
ACCEPTED
Platform(s):
- CentOS Linux 4
- Red Hat Enterprise Linux 4
- Oracle Linux 4
Class:
vulnerability
Reference(s):
- CVE-2005-2666
Product(s):