ID CVE-2004-1357
Summary The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
References
Vulnerable Configurations
  • cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:sparc:*:*:*:*:*
  • cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
    cpe:2.3:o:sun:solaris:9.0:*:x86:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
oval via4
accepted 2005-10-12T05:49:00.000-04:00
class vulnerability
contributors
name Brian Soby
organization The MITRE Corporation
description The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
family unix
id oval:org.mitre.oval:def:3505
status accepted
submitted 2005-04-13T04:00:00.000-04:00
title sshd Log Bypass Vulnerability
version 36
refmap via4
auscert ESB-2004.0263
bid 10080
cert-vn VU#737548
secunia 11316
sunalert 57538
xf solaris-sshd-log-bypass(15784)
Last major update 11-10-2017 - 01:29
Published 07-04-2004 - 04:00
Last modified 11-10-2017 - 01:29
Back to Top