Vulnerabilities > SSH > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-11-19 | CVE-2008-5161 | Information Exposure vulnerability in multiple products Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors. | 2.6 |
| 2003-12-31 | CVE-2003-1120 | Unspecified vulnerability in SSH Tectia Server 4.0.3/4.0.4 Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key. | 3.7 |
| 2001-06-02 | CVE-2001-0259 | Unspecified vulnerability in SSH ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file. | 3.6 |
| 1999-09-17 | CVE-1999-0787 | Unspecified vulnerability in SSH 1.2.27 The SSH authentication agent follows symlinks via a UNIX domain socket. | 2.1 |