SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
References
Link | Resource |
---|---|
http://www.kb.cert.org/vuls/id/786900 | Third Party Advisory US Government Resource |
https://exchange.xforce.ibmcloud.com/vulnerabilities/6604 |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2005-04-21T04:00:00
Updated: 2017-07-10T14:57:01
Reserved: 2005-04-21T00:00:00
Link: CVE-2001-1474
JSON object: View
NVD Information
Status : Modified
Published: 2001-01-18T05:00:00.000
Modified: 2017-07-11T01:29:09.197
Link: CVE-2001-1474
JSON object: View
Redhat Information
No data.
CWE