CVE-1999-0248 — HIGH (10.0)

Vulnerability Description

A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.

CVSS Score

10.0

HIGH

AV:N/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Ssh	Ssh	1.2.27

References

http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html
http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1
http://oliver.efri.hr/~crv/security/bugs/mUNIXes/ssh2.html
http://www.uni-karlsruhe.de/~ig25/ssh-faq/ssh-faq-6.html#ss6.1

FAQ

What is CVE-1999-0248?

CVE-1999-0248 is a vulnerability with a CVSS score of 10.0 (HIGH). A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials.

How severe is CVE-1999-0248?

CVE-1999-0248 has been rated HIGH with a CVSS base score of 10.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-1999-0248?

Check the references section above for vendor advisories and patch information. Affected products include: Ssh Ssh.