CVE-2003-1120 Information

Description

Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix when the password change plugin (ssh-passwd-plugin) is enabled allows local users to obtain the server’s private key.

Reference

http://secunia.com/advisories/11193 http://securitytracker.com/alerts/2004/Mar/1009532.html http://www.kb.cert.org/vuls/id/814198 http://www.osvdb.org/displayvuln.php?osvdb_id=4491 http://www.securityfocus.com/bid/9956 http://www.ssh.com/company/newsroom/article/520/ https://exchange.xforce.ibmcloud.com/vulnerabilities/15585