Vulnerability Details: CVE-2008-5161
Public exploit exists!
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Vulnerability category: Information leak
Threat overview for CVE-2008-5161
Top countries where our scanners detected CVE-2008-5161
Top open port discovered on systems with this issue: 22
IPs affected by CVE-2008-5161: 3,095
Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2008-5161
Probability of exploitation activity in the next 30 days: 12.27%
Percentile, the proportion of vulnerabilities that are scored at or less: ~95%
Metasploit modules for CVE-2008-5161
- SSH Version Scanner
  First seen: 2020-04-26
  Module: auxiliary/scanner/ssh/ssh_version
  Detect SSH Version, and the server encryption
  Authors: Daniel van Eeden <metasploit@myname.nl>, h00die
CVSS scores for CVE-2008-5161
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
2.6 | LOW | AV:N/AC:H/Au:N/C:P/I:N/A:N | 4.9 | 2.9 | NIST |
CWE ids for CVE-2008-5161
- The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. Assigned by: nvd@nist.gov (Primary)
Vendor statements for CVE-2008-5161
- Red Hat, 2009-09-02: This issue was addressed for Red Hat Enterprise Linux 5 by https://rhn.redhat.com/errata/RHSA-2009-1287.html
  After reviewing the upstream fix for this issue, Red Hat does not intend to address this flaw in Red Hat Enterprise Linux 3 or 4 at this time.
- http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
- http://rhn.redhat.com/errata/RHSA-2009-1287.html
- http://www.securitytracker.com/id?1021236
- http://www.vupen.com/english/advisories/2009/3184
- http://openssh.org/txt/cbc.adv
- http://www.securityfocus.com/archive/1/498579/100/0/threaded
- http://www.vupen.com/english/advisories/2008/3409
- http://www.kb.cert.org/vuls/id/958563 (US Government Resource)
- https://kc.mcafee.com/corporate/index?page=content&id=SB10106 (McAfee Security Bulletin - Data Loss Prevention hotfix resolves two security issues)
- http://www.vupen.com/english/advisories/2008/3172
- http://www.securityfocus.com/bid/32319
- http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 (Juniper Networks - 2015-10 Security Bulletin: CTPView: Multiple Vulnerabilities in CTPView)
- http://isc.sans.org/diary.html?storyid=5366
- http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html
- https://kc.mcafee.com/corporate/index?page=content&id=SB10163 (McAfee Security Bulletin: Network Data Loss Prevention update fixes CVE-2015-2808 and CVE-2008-5161)
- http://www.ssh.com/company/news/article/953/ (Vendor Advisory)
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 (HPSBMU03607 rev.1 - HPE BladeSystem c-Class Virtual Connect (VC) Firmware, Remote Denial of Service (DoS), Disclosure of Information, Cross-Site Request Forgery (CSRF))
- http://support.apple.com/kb/HT3937
- http://www.securitytracker.com/id?1021382
- http://www.securitytracker.com/id?1021235
- http://www.securityfocus.com/archive/1/498558/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/46620
- http://marc.info/?l=bugtraq&m=125017764422557&w=2
- http://www.vupen.com/english/advisories/2008/3173
- http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279
- http://www.vupen.com/english/advisories/2009/1135
- http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
- http://support.attachmate.com/techdocs/2398.html
- cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.2.0:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.4:*:linux_ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.5.1:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.2.2:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.1.1:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.2.1:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.4.1:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.4.2:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.0:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.5.0:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:5.4.0:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.0:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_server:6.0.1:*:ibm_zos:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.1j:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.8k:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.9k:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.8:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.11:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.3.2j:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.3f:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:6.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.1f:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:4.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.0f:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.0.2f:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_client:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.4.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.4.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.4.9:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:4.4.10:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connector:5.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connectsecure:6.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connectsecure:6.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connectsecure:6.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connectsecure:6.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:ssh:tectia_connectsecure:6.0.0:*:*:*:*:*:*:*