Vulnerability Details : CVE-2012-5975

The SSH USERAUTH CHANGE REQUEST feature in SSH Tectia Server 6.0.4 through 6.0.20, 6.1.0 through 6.1.12, 6.2.0 through 6.2.5, and 6.3.0 through 6.3.2 on UNIX and Linux, when old-style password authentication is enabled, allows remote attackers to bypass authentication via a crafted session involving entry of blank passwords, as demonstrated by a root login session from a modified OpenSSH client with an added input_userauth_passwd_changereq call in sshconnect2.c.
Vulnerability category: BypassGain privilege
Published 2012-12-04 23:55:01
Updated 2012-12-05 05:00:00
Source MITRE
View at NVD,
Public exploit exists!

Exploit prediction scoring system (EPSS) score for CVE-2012-5975

Probability of exploitation activity in the next 30 days: 49.14%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 97 % EPSS Score History EPSS FAQ

Metasploit modules for CVE-2012-5975

  • Tectia SSH USERAUTH Change Request Password Reset Vulnerability
    Disclosure Date: 2012-12-01
    First seen: 2020-04-26
    This module exploits a vulnerability in Tectia SSH server for Unix-based platforms. The bug is caused by a SSH2_MSG_USERAUTH_PASSWD_CHANGEREQ request before password authentication, allowing any remote user to bypass the login routine, and then gain access as root

CVSS scores for CVE-2012-5975

Base Score Base Severity CVSS Vector Exploitability Score Impact Score Source

CWE ids for CVE-2012-5975

  • When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
    Assigned by: (Primary)

References for CVE-2012-5975

Products affected by CVE-2012-5975

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to terms of use!