CVE-1999-1029

Published May 13, 1999

Last updated 7 years ago

Overview

Description: SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.
Source: cve@mitre.org
NVD status: Modified

Hype score: Not currently trending

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: NVD-CWE-Other

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "4A7DB2FA-58A8-45B9-AE2E-AE20A872BF90"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2DD92EA8-8C01-4E4E-9AFE-2B1242AB10CE"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FB31028-59BA-4833-BF14-3CB1CA18DAAC"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8A3E89B6-872D-4541-A413-88A956FDAE81"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "98CC86ED-CA78-4E2A-8A12-4F766DB79733"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD500A33-4D0E-44B5-9BBE-A30AA999F662"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EBB8D72F-51E7-47DF-96A4-4EBB517A79D7"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC2379BA-621E-4986-AAC5-AF359FD57381"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9972B3A4-369E-40B5-9415-F92B7394604A"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1B6E719F-010B-4B8A-B508-0491BD15C465"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E44D2AE3-DD8B-46D0-B6AB-9F0E6B4DCC4C"
          },
          {
            "criteria": "cpe:2.3:a:ssh:ssh2:2.0.11:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B7735CDD-8BFC-4E30-9C88-27C8943637CA"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Social media

Risk scores

CVSS 2.0

Weaknesses

Configurations

References