VULHUB ™

All versions of SSH and OpenSSH which use computability mode 1.99 are vulnerable to a mitm attack without the duplicate key warning because the attacker can force protocol version 1, so the only warning the user gets asks him if he wants to add the new key. Still suspicious, but less so.

All versions of SSH and OpenSSH which use computability mode 1.99 are vulnerable to a mitm attack without the duplicate key warning because the attacker can force protocol version 1, so the only warning the user gets asks him if he wants to add the new key. Still suspicious, but less so.