cve/CVE-2017-3204.md at 02b2e6ec35cdb7986441d4aba09d9792f0abaf03

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-06 10:41:43 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey verification mechanism.

679 B

Raw Blame History

CVE-2017-3204

Description

POC

Reference

Github

679 B Raw Blame History

CVE-2017-3204

Description

POC

Reference

Github

679 B

Raw Blame History