Vulnerabilities

CVE-2005-2666

by Fred · 23/08/2005

SSH, as implemented in OpenSSH before 4.0 and possibly other implementations, stores hostnames, IP addresses, and keys in plaintext in the known_hosts file, which makes it easier for an attacker that has compromised an SSH user’s account to generate a list of additional targets that are more likely to have the same password or key.

Date published : 2005-08-23

http://nms.csail.mit.edu/projects/ssh/

http://www.eweek.com/article2/0,1759,1815795,00.asp

Similar

Tags: Cybersecurity Alert