CVE-2001-1474

Medium

5/10

Summary

SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.

Access Complexity: LOW
AccessVector: NETWORK
Authentication: NONE
Integrity Impact: PARTIAL
Confidentiality Impact: NONE
Availability Impact: NONE

References

Advisory Timeline

Published Jan 18, 2001

CVE-2001-1474

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS