Openbsd: >> Openssh Security Vulnerabilities
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVSS Score
5.1
EPSS Score
0.01
Published
2000-02-24
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
CVSS Score
4.6
EPSS Score
0.003
Published
2000-02-11
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.
CVSS Score
2.1
EPSS Score
0.014
Published
1999-12-14
Page 13