Exploitation Summary
EIP tracks 2 public exploits for CVE-2008-5161.
PoCs published by talha3117, including Metasploit module auxiliary/scanner/ssh/ssh_version.
Description
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Exploits (2)
This repository contains a Python script that automates version checking for OpenSSH 4.7p1 and uses Metasploit's ssh_login module to perform credential auditing. It does not exploit CVE-2008-5161 directly but serves as a helper tool for automated scanning.
This Metasploit auxiliary module scans SSH servers to detect vulnerable encryption algorithms, including those affected by CVE-2008-5161 (CBC mode vulnerabilities). It checks for deprecated or weak ciphers, key exchange methods, and host keys.
References (40)
Scores
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N