mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 19:17:37 +02:00
marc
1.5 KiB
1.5 KiB
CVE-2020-14145
Description
The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.
POC
Reference
No PoCs from references.
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Fastiraz/openssh-cve-resolv
- https://github.com/Totes5706/TotesHTB
- https://github.com/VladimirFogel/PRO4
- https://github.com/adegoodyer/ubuntu
- https://github.com/austin-lai/External-Penetration-Testing-Holo-Corporate-Network-TryHackMe-Holo-Network
- https://github.com/bioly230/THM_Skynet
- https://github.com/firatesatoglu/shodanSearch
- https://github.com/phx/cvescan
- https://github.com/siddicky/git-and-crumpets
- https://github.com/vshaliii/Basic-Pentesting-2-Vulnhub-Walkthrough
- https://github.com/vshaliii/DC-1-Vulnhub-Walkthrough
- https://github.com/vshaliii/DC-2-Vulnhub-Walkthrough
- https://github.com/vshaliii/DC-4-Vulnhub-Walkthrough
- https://github.com/vshaliii/Funbox2-rookie