Replay Attack Vulnerability in SSH 2.0 with RC4 and Password Authentication

Replay Attack Vulnerability in SSH 2.0 with RC4 and Password Authentication

CVE-2001-1475 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.

Learn more about our Cis Benchmark Audit For Server Software.