CVE-2005-2146
First published: Tue Jul 05 2005(Updated: )
SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| SSH Tectia Server | =4.3.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2005-2146?
CVE-2005-2146 is categorized as a medium severity vulnerability.
How do I fix CVE-2005-2146?
To fix CVE-2005-2146, ensure that the permissions for the SSH host identification key are set securely to restrict access.
What impact does CVE-2005-2146 have on SSH servers?
CVE-2005-2146 allows local users to access the host identification key, which can lead to server spoofing.
Which versions of SSH Tectia Server are affected by CVE-2005-2146?
CVE-2005-2146 affects SSH Tectia Server version 4.3.1 and earlier.
Is SSH Secure Shell for Windows Servers vulnerable to CVE-2005-2146?
Yes, SSH Secure Shell for Windows Servers is also vulnerable to CVE-2005-2146.
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/type
- agent/first-publish-date
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/tags
- agent/description
- agent/event
- agent/source
- vendor/ssh
- canonical/ssh tectia server
- version/ssh tectia server/4.3.1