Exploitation Summary
EIP tracks 1 public exploit for CVE-2001-0471. PoCs published by Jose Nazario.
AI-analyzed exploit summary This exploit leverages a logging flaw in SSH1 to perform a brute-force attack on root passwords without detection after the fourth attempt. It uses an Expect script to automate password guessing from a dictionary file.
Description
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.
Exploits (1)
This exploit leverages a logging flaw in SSH1 to perform a brute-force attack on root passwords without detection after the fourth attempt. It uses an Expect script to automate password guessing from a dictionary file.