exploits , vulnerabilities , articles , OpenSSH S/Key Remote Information Disclosure Vulnerability

Title	OpenSSH S/Key Remote Information Disclosure Vulnerability
Published	2007-04-23-12:00AM
Updated	2007-04-23-11:30PM
Class	Design Error
CVE
Remote	Yes
Local	No
Credit	Rembrandt disclosed this vulnerability.
Vulnerable	OpenBSD Portable OpenSSH 4.4.p1 OpenBSD Portable OpenSSH 4.3.p2 OpenBSD Portable OpenSSH 4.3.p1 OpenBSD Portable OpenSSH 4.2.p1 OpenBSD Portable OpenSSH 4.1.p1 OpenBSD Portable OpenSSH 4.0.p1 OpenBSD OpenSSH (FreeBSD Port) 2.9 p2 FreeBSD FreeBSD 4.4 OpenBSD OpenSSH 3.8.1 p1 OpenBSD OpenSSH 3.0.2 p1 OpenBSD OpenSSH 3.0.2 OpenBSD OpenSSH 3.0.2 OpenBSD OpenSSH 3.0.1 p1 Trustix Secure Linux 1.5 Trustix Secure Linux 1.2 Trustix Secure Linux 1.1 OpenBSD OpenSSH 3.0.1 FreeBSD FreeBSD 4.4 FreeBSD FreeBSD 4.3 OpenBSD OpenBSD 2.9 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.6 OpenBSD OpenSSH 3.0 p1 OpenBSD OpenSSH 3.0 OpenBSD OpenBSD 2.9 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.6 OpenBSD OpenSSH 2.9 p2 Caldera OpenLinux Server 3.1 Caldera OpenLinux Server 3.1 Caldera OpenLinux Workstation 3.1 Caldera OpenLinux Workstation 3.1 HP Secure OS software for Linux 1.0 HP Secure OS software for Linux 1.0 RedHat Linux 7.2 i386 RedHat Linux 7.2 i386 RedHat Linux 7.1 ia64 RedHat Linux 7.1 ia64 RedHat Linux 7.1 i386 RedHat Linux 7.1 i386 RedHat Linux 7.1 alpha RedHat Linux 7.1 alpha RedHat Linux 7.0 i386 RedHat Linux 7.0 i386 RedHat Linux 7.0 alpha RedHat Linux 7.0 alpha OpenBSD OpenSSH 2.9 p1 Caldera OpenLinux 2.4 Debian Linux 2.2 HP HPUX 11.11 IBM AIX 4.3.3 MandrakeSoft Corporate Server 1.0.1 MandrakeSoft Linux Mandrake 8.1 ia64 MandrakeSoft Linux Mandrake 8.1 MandrakeSoft Linux Mandrake 8.0 ppc MandrakeSoft Linux Mandrake 8.0 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Single Network Firewall 7.2 RedHat Linux 7.1 RedHat Linux 7.0 RedHat Linux 6.2 S.u.S.E. Linux 7.1 S.u.S.E. Linux 7.0 SCO eDesktop 2.4 SCO eServer 2.3.1 SGI IRIX 6.5.9 Sun Solaris 7.0 Sun Solaris 2.6 Sun Solaris 8 OpenBSD OpenSSH 2.9 FreeBSD FreeBSD 4.4 OpenBSD OpenBSD 2.9 OpenBSD OpenSSH 2.5.2 p2 RedHat Linux 7.0 OpenBSD OpenSSH 2.5.2 OpenBSD OpenSSH 2.3.1 p1 OpenBSD OpenSSH 2.3.1 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 OpenBSD OpenBSD 2.6 OpenBSD OpenSSH 2.2 .x Conectiva Linux 6.0 Debian Linux 2.2 sparc Debian Linux 2.2 powerpc Debian Linux 2.2 arm Debian Linux 2.2 alpha Debian Linux 2.2 68k Debian Linux 2.2 FreeBSD FreeBSD 5.0 FreeBSD FreeBSD 4.2 FreeBSD FreeBSD 4.1.1 HP HPUX 11.11 MandrakeSoft Linux Mandrake 7.2 MandrakeSoft Linux Mandrake 7.1 MandrakeSoft Linux Mandrake 7.0 NetBSD NetBSD 1.4.2 OpenBSD OpenBSD 2.8 OpenBSD OpenBSD 2.7 RedHat Linux 7.0 S.u.S.E. Linux 7.0 Sun Solaris 8 Trustix Trustix Secure Linux 1.1 Trustix Trustix Secure Linux 1.0 OpenBSD OpenSSH 2.2 .0 OpenBSD OpenSSH 2.1.1 p1 Trustix Secure Linux 1.5 Trustix Secure Linux 1.2 Trustix Secure Linux 1.1 OpenBSD OpenSSH 2.1.1 OpenBSD OpenSSH 2.1 .x OpenBSD OpenSSH 2.1 OpenBSD OpenSSH 1.2.3 Debian Linux 2.2 sparc Debian Linux 2.2 powerpc Debian Linux 2.2 arm Debian Linux 2.2 alpha Debian Linux 2.2 68k Debian Linux 2.2 OpenBSD OpenSSH 1.2 OpenBSD OpenSSH 1.0 .x OpenBSD OpenSSH 4.6 OpenBSD OpenSSH 4.5 OpenBSD OpenSSH 4.4 OpenBSD OpenSSH 4.3p1 OpenBSD OpenSSH 4.3 OpenBSD OpenSSH 4.2p1 OpenBSD OpenSSH 4.2 OpenBSD OpenSSH 4.1 OpenBSD OpenSSH 4.0 OpenBSD OpenSSH 3.9 p1
Not Vulnerable
Code	Attackers may use standard SSH clients to exploit this issue.
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-09 Adobe Flash Player and AIR Data Injection Remote Code Execution Vulnerability
2009-12-09 Adobe Flash Player ActiveX Control Information Disclosure Vulnerability
2009-12-09 Adobe Flash Player and AIR Multiple Unspecified Remote Code Execution Vulnerabilities
2009-12-09 HP OpenView Network Node Manager Multiple Remote Code Execution Vulnerabilities
2009-12-09 Shibboleth Redirection URL HTML Injection Vulnerability
2009-12-09 VLC Media Player RTSP Remote Buffer Overflow Vulnerability
2009-12-09 Polipo Malformed HTTP GET Request Memory Corruption Vulnerability
2009-12-09 PhpShop Cross-Site Scripting and SQL Injection Vulnerabilities
2009-12-09 GNU GRUB Local Authentication Bypass Vulnerability
2009-12-09 NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability