CVE-2001-1382

OpenSSH < 2.9.9p2 - Traffic Analysis via Echo Simulation Countermeasure

Title source: llm
STIX 2.1

Description

The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.openwall.com/Owl/CHANGES-stable.shtml
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/5408

Scores

EPSS 0.0145
EPSS Percentile 81.1%

Details

Status published
Products (1)
openbsd/openssh < 2.9.9p2
Published Sep 27, 2001
Tracked Since Feb 18, 2026