Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2007-0726

The SSH key generation process in OpenSSH in Apple Mac OS X 10.3.9 and 10.4 through 10.4.8 allows remote attackers to cause a denial of service by connecting to the server before SSH has finished creating keys, which causes the keys to be regenerated and can break trust relationships that were based on the original keys.

Published

2007-03-13T22:19:00.000

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 5.0 (MEDIUM)

CVSSv2 Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: NONE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL
Exploitability Score

10.0

Impact Score

2.9

Weaknesses
  • Type: Primary
    NVD-CWE-Other
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Operating System apple mac_os_x 10.3.9 Yes
Operating System apple mac_os_x 10.4 Yes
Operating System apple mac_os_x 10.4.1 Yes
Operating System apple mac_os_x 10.4.2 Yes
Operating System apple mac_os_x 10.4.3 Yes
Operating System apple mac_os_x 10.4.4 Yes
Operating System apple mac_os_x 10.4.5 Yes
Operating System apple mac_os_x 10.4.6 Yes
Operating System apple mac_os_x 10.4.7 Yes
Operating System apple mac_os_x 10.4.8 Yes
Operating System apple mac_os_x_server 10.3.9 Yes
Operating System apple mac_os_x_server 10.4 Yes
Operating System apple mac_os_x_server 10.4.1 Yes
Operating System apple mac_os_x_server 10.4.2 Yes
Operating System apple mac_os_x_server 10.4.3 Yes
Operating System apple mac_os_x_server 10.4.4 Yes
Operating System apple mac_os_x_server 10.4.5 Yes
Operating System apple mac_os_x_server 10.4.6 Yes
Operating System apple mac_os_x_server 10.4.7 Yes
Operating System apple mac_os_x_server 10.4.8 Yes
References