CVE-2001-1382 — MEDIUM (5.0)

Q: How severe is CVE-2001-1382?

CVE-2001-1382 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2001-1382?

Check the references section above for vendor advisories and patch information. Affected products include: Openbsd Openssh.

Vulnerability Description

The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:P/I:N/A:N

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Openbsd	Openssh	<= 2.9.9p2

References

http://www.openwall.com/Owl/CHANGES-stable.shtmlVendor Advisory
http://www.osvdb.org/5408
http://www.openwall.com/Owl/CHANGES-stable.shtmlVendor Advisory
http://www.osvdb.org/5408

FAQ

What is CVE-2001-1382?

CVE-2001-1382 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to...

How severe is CVE-2001-1382?

CVE-2001-1382 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2001-1382?

Check the references section above for vendor advisories and patch information. Affected products include: Openbsd Openssh.