Autor
aver si me echais un cable
Citar
SSH Servers:Secure Shell Password Brute Force
Port: 22
Description A vulnerability in the SSH2 server up to and including version 2.0.11 allows remote attackers to brute force logins and passwords without the attempts being logged.
When a SSH client cconnect to the server, it has a number (default of three) of attempts to enter the correct password before it is disconnected. If the connection between the client and server is shutdown before using up all the attempts the server will fail to log the clients IP address nor that authentication failed. It will only log that the client disconnected but it will give no indication of why or who the client is.
Risk Level: Medium
How To Fix: upgrade to the latest version
CVE GENERIC-MAP-NOMATCH
BugtraqID: 277
Port: 22
Description A vulnerability in the SSH2 server up to and including version 2.0.11 allows remote attackers to brute force logins and passwords without the attempts being logged.
When a SSH client cconnect to the server, it has a number (default of three) of attempts to enter the correct password before it is disconnected. If the connection between the client and server is shutdown before using up all the attempts the server will fail to log the clients IP address nor that authentication failed. It will only log that the client disconnected but it will give no indication of why or who the client is.
Risk Level: Medium
How To Fix: upgrade to the latest version
CVE GENERIC-MAP-NOMATCH
BugtraqID: 277
y este esel otro tb en el puerto 22
Citar
SSH Servers:SSH client xauth
Port: 22
Description A vulnerability exists in the default configuration of the SSH client that could be used to compromise the security of a client machine. By default, ssh clients will negotiate to forward X connections. This is done using the xauth program to place cookies in the authorization cache of the remote machine for the user logging in. If the superuser on the remote host cannot be trusted, or the root account has been compromised, the xauth key can be read from the user's .Xauthority file, and used to connect to the client machine. This can result in a wide range of compromises on the client host.
Risk Level: Medium
How To Fix: upgrade to the latest version
CVE CVE-2000-0217
BugtraqID: 1006
Port: 22
Description A vulnerability exists in the default configuration of the SSH client that could be used to compromise the security of a client machine. By default, ssh clients will negotiate to forward X connections. This is done using the xauth program to place cookies in the authorization cache of the remote machine for the user logging in. If the superuser on the remote host cannot be trusted, or the root account has been compromised, the xauth key can be read from the user's .Xauthority file, and used to connect to the client machine. This can result in a wide range of compromises on the client host.
Risk Level: Medium
How To Fix: upgrade to the latest version
CVE CVE-2000-0217
BugtraqID: 1006
me gustaria que me ayudasen estoy leyendo 50000 docs y aprendiendo a programar en C asike no me venia mal un poco de ayuda
deberia atacarloen linnux o desde windows como toy aciendo?
En línea
