CVE-1999-1029

SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.

Published : 1999-05-13 04:00 Updated : 2017-12-19 02:29

7.5
CVSS Score More info
Score 7.5 / 10
7.5
Vendor Product Version URI
Ssh Ssh2 2.0.2 cpe:/a:ssh:ssh2:2.0.2
Ssh Ssh2 2.0 cpe:/a:ssh:ssh2:2.0
Ssh Ssh2 2.0.11 cpe:/a:ssh:ssh2:2.0.11
Ssh Ssh2 2.0.3 cpe:/a:ssh:ssh2:2.0.3
Ssh Ssh2 2.0.10 cpe:/a:ssh:ssh2:2.0.10
Ssh Ssh2 2.0.4 cpe:/a:ssh:ssh2:2.0.4
Ssh Ssh2 2.0.5 cpe:/a:ssh:ssh2:2.0.5
Ssh Ssh2 2.0.6 cpe:/a:ssh:ssh2:2.0.6
Ssh Ssh2 2.0.7 cpe:/a:ssh:ssh2:2.0.7
Ssh Ssh2 2.0.8 cpe:/a:ssh:ssh2:2.0.8
Ssh Ssh2 2.0.9 cpe:/a:ssh:ssh2:2.0.9
Ssh Ssh2 2.0.1 cpe:/a:ssh:ssh2:2.0.1
  1. Ssh (1) Search CVE
    1. Ssh2 (12) Search CVE
      1. 2.0.2
      2. 2.0
      3. 2.0.11
      4. 2.0.3
      5. 2.0.10
      6. 2.0.4
      7. 2.0.5
      8. 2.0.6
      9. 2.0.7
      10. 2.0.8
      11. 2.0.9
      12. 2.0.1

CWE

There is no CWE for this CVE.

History of changes

Date Event
2017-12-19 02:29
1999-05-13 04:00

New CVE