CVE-2008-5124

JSCAPE Secure FTP Applet 4.8.0 and earlier does not ask the user to verify a new or mismatched SSH host key, which makes it easier for remote attackers to perform man-in-the-middle attacks.

Date published : 2008-11-17

http://www.securityfocus.com/bid/29882

http://www.securityfocus.com/archive/1/493569/100/0/threaded