CVE-1999-1029

Published: May 13, 1999Modified: Apr 16, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.

Affected (12)

Products: Ssh: Ssh2

Ssh

1 product

Ssh2

Configuration A

12 vulnerable

Vulnerable Software	Affected Versions
Ssh Ssh2	Version 2.0.10
Ssh Ssh2	Version 2.0.11
Ssh Ssh2	Version 2.0.1
Ssh Ssh2	Version 2.0.2
Ssh Ssh2	Version 2.0.3
Ssh Ssh2	Version 2.0.4
Ssh Ssh2	Version 2.0.5
Ssh Ssh2	Version 2.0.6
Ssh Ssh2	Version 2.0.7
Ssh Ssh2	Version 2.0.8
Ssh Ssh2	Version 2.0.9
Ssh Ssh2	Version 2.0

References (6)

http://marc.info/?l=bugtraq&m=92663402004280&w=2

Source: cve@mitre.org

http://www.securityfocus.com/bid/277

Source: cve@mitre.org

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/2193

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=92663402004280&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/bid/277

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/2193

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.