Phase:SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.
ReferencesBUGTRAQ:Monday, February 05, 2001 SSHD-1 Logging Vulnerability | URL:http://www.securityfocus.com/archive/1/160648 | BID:2345 | URL:http://www.securityfocus.com/bid/2345
Votes:Proposed (Thursday, May 24, 2001)
Comments: MODIFY(1) Frech | NOOP(2) Cole, Wall | REVIEWING(2) Ziese, Oliver
F7: Frech> XF:ssh-daemon-failed-login(6071) | Oliver> Not clear how much of this is a vulnerability and how much a | problem with site policy.