CVE-2008-5161
3.7 LOW
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 throu...
Published: 2008-11-19 · Last updated: 2026-05-28
Severity and scoring
- CVSS: 3.7 LOW
- Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
- CWE: CWE-200, CWE-329
Affected products
| Vendor | Product |
|---|---|
| openbsd | openssh, tectia_client, tectia_connector |
| ssh | openssh, tectia_client, tectia_connector |
Description
Error handling in the SSH protocol in (1) SSH Tectia Client and Server and Connector 4.0 through 4.4.11, 5.0 through 5.2.4, and 5.3 through 5.3.8; Client and Server and ConnectSecure 6.0 through 6.0.4; Server for Linux on IBM System z 6.0.4; Server for IBM z/OS 5.5.1 and earlier, 6.0.0, and 6.0.1; and Client 4.0-J through 4.3.3-J and 4.0-K through 4.3.10-K; and (2) OpenSSH 4.7p1 and possibly other versions, when using a block cipher algorithm in Cipher Block Chaining (CBC) mode, makes it easier for remote attackers to recover certain plaintext data from an arbitrary block of ciphertext in an SSH session via unknown vectors.
Source: NVD
References
- [NVD] https://nvd.nist.gov/vuln/detail/CVE-2008-5161
- [Other] http://isc.sans.org/diary.html?storyid=5366
- [Other] http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- [Other] http://lists.apple.com/archives/security-announce/2009/Nov/msg00000.html
- [Other] http://marc.info/?l=bugtraq&m=125017764422557&w=2
- [Other] http://openssh.org/txt/cbc.adv
- [Other] http://osvdb.org/49872
- [Other] http://osvdb.org/50035
- [Other] http://osvdb.org/50036
- [Other] http://rhn.redhat.com/errata/RHSA-2009-1287.html
- [Vendor advisory] http://secunia.com/advisories/32740
- [Vendor advisory] http://secunia.com/advisories/32760
- [Other] http://secunia.com/advisories/32833
- [Other] http://secunia.com/advisories/33121
- [Other] http://secunia.com/advisories/33308
- [Other] http://secunia.com/advisories/34857
- [Other] http://secunia.com/advisories/36558
- [Other] http://sunsolve.sun.com/search/document.do?assetkey=1-66-247186-1
- [Other] http://support.apple.com/kb/HT3937
- [Other] http://support.attachmate.com/techdocs/2398.html
- [Other] http://support.avaya.com/elmodocs2/security/ASA-2008-503.htm
- [Other] http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt
- [Other] http://www.kb.cert.org/vuls/id/958563
- [Other] http://www.rtpro.yamaha.co.jp/RT/FAQ/Security/CPNI957037.html
- [Other] http://www.securityfocus.com/archive/1/498558/100/0/threaded
- [Other] http://www.securityfocus.com/archive/1/498579/100/0/threaded
- [Other] http://www.securityfocus.com/bid/32319
- [Other] http://www.securitytracker.com/id?1021235
- [Other] http://www.securitytracker.com/id?1021236
- [Other] http://www.securitytracker.com/id?1021382
- [Vendor advisory] http://www.ssh.com/company/news/article/953/
- [Other] http://www.vupen.com/english/advisories/2008/3172
- [Other] http://www.vupen.com/english/advisories/2008/3173
- [Other] http://www.vupen.com/english/advisories/2008/3409
- [Other] http://www.vupen.com/english/advisories/2009/1135
- [Other] http://www.vupen.com/english/advisories/2009/3184
- [Other] https://exchange.xforce.ibmcloud.com/vulnerabilities/46620
- [Other] https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667
- [Other] https://kc.mcafee.com/corporate/index?page=content&id=SB10106
- [Other] https://kc.mcafee.com/corporate/index?page=content&id=SB10163
- [Other] https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11279
Related CVEs
Same vendor
- CVE-2026-3497 — Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions (7.5 HIGH)
- CVE-2023-51767 — OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer ... (7.0 HIGH)
- CVE-2023-51384 — In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied (5.5 MEDIUM)
- CVE-2023-28531 — ssh-add in OpenSSH before 9.3 adds smartcard keys to ssh-agent without the intended per-hop destination constraints (9.8 CRITICAL)
- CVE-2023-25136 — OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling (6.5 MEDIUM)
Same CWE
- CVE-2026-49219 — ImageMagick is free and open-source software used for editing and manipulating digital images (5.5 MEDIUM)
- CVE-2026-47165 — ImageMagick is free and open-source software used for editing and manipulating digital images (4.1 MEDIUM)
- CVE-2026-48855 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Erlang OTP ssh (ssh_sftpd module) allows File Discovery
- CVE-2026-45329 — ESP-IDF is the Espressif Internet of Things (IoT) Development Framework (7.1 HIGH)
- CVE-2026-36719 — An information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain ... (7.5 HIGH)