CVE-1999-1085

CVSS 2.0 Score 5 of 10 (medium)

Details

Published Jun 12, 1998
Updated: Oct 18, 2016

Summary

CVE-1999-1085 is a vulnerability affecting SSH versions 1.2.25 and 1.2.23, as well as others, when used in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes. attackers can insert arbitrary data into an ongoing SSH stream by exploiting a known plaintext attack. By creating a packet with a valid CRC-32 checksum, they can bypass the security measures and potentially gain unauthorized access to the system. This vulnerability poses a significant risk, especially in environments where SSH is used extensively. It is recommended that affected systems be updated as soon as possible to mitigate this threat.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share