CVE-2001-1470 — MEDIUM (5.0)

Vulnerability Description

The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.

CVSS Score

5.0

MEDIUM

AV:N/AC:L/Au:N/C:N/I:P/A:N

Confidentiality

NONE

Integrity

PARTIAL

Availability

NONE

Affected Products

Vendor	Product	Versions
Ssh	Ssh	1.2.24

References

http://www.kb.cert.org/vuls/id/315308US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/6472
http://www.kb.cert.org/vuls/id/315308US Government Resource
https://exchange.xforce.ibmcloud.com/vulnerabilities/6472

FAQ

What is CVE-2001-1470?

CVE-2001-1470 is a vulnerability with a CVSS score of 5.0 (MEDIUM). The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic re...

How severe is CVE-2001-1470?

CVE-2001-1470 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2001-1470?

Check the references section above for vendor advisories and patch information. Affected products include: Ssh Ssh.