{"api_version":"1","generated_at":"2026-06-13T05:52:10+00:00","cve":"CVE-2005-2146","urls":{"html":"https://cve.report/CVE-2005-2146","api":"https://cve.report/api/cve/CVE-2005-2146.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2005-2146","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2005-2146"},"summary":{"title":"CVE-2005-2146","description":"SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server.","state":"PUBLISHED","assigner":"mitre","published_at":"2005-07-05 04:00:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"4.6","severity":"","vector":"AV:L/AC:L/Au:N/C:P/I:P/A:P","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"}}],"references":[{"url":"http://www.ssh.com/company/newsroom/article/653/","name":"http://www.ssh.com/company/newsroom/article/653/","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Page Not Found. Sorry about that!","mime":"text/html","httpstatus":"404","archivestatus":"200"},{"url":"http://secunia.com/advisories/15894","name":"http://secunia.com/advisories/15894","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"],"title":"Secunia - Advisories - SSH Tectia Server Insecure Private Key Permissions","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2005-2146","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2005-2146","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2005","cve_id":"2146","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"ssh","cpe5":"tectia_server","cpe6":"4.3.1","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T22:15:37.369Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"15894","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/15894"},{"tags":["x_refsource_CONFIRM","x_transferred"],"url":"http://www.ssh.com/company/newsroom/article/653/"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2005-06-30T00:00:00.000Z","descriptions":[{"lang":"en","value":"SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2021-06-15T16:40:05.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"15894","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/15894"},{"tags":["x_refsource_CONFIRM"],"url":"http://www.ssh.com/company/newsroom/article/653/"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2005-2146","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"15894","refsource":"SECUNIA","url":"http://secunia.com/advisories/15894"},{"name":"http://www.ssh.com/company/newsroom/article/653/","refsource":"CONFIRM","url":"http://www.ssh.com/company/newsroom/article/653/"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2005-2146","datePublished":"2005-07-05T04:00:00.000Z","dateReserved":"2005-07-06T00:00:00.000Z","dateUpdated":"2024-08-07T22:15:37.369Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2005-07-05 04:00:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:P/A:P","baseScore":4.6,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":3.9,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":true,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:ssh:tectia_server:4.3.1:*:*:*:*:*:*:*","matchCriteriaId":"0AF0262B-1451-40CA-9DD1-F2DEA793BD61"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2005","CveId":"2146","Ordinal":"1","Title":"CVE-2005-2146","CVE":"CVE-2005-2146","Year":"2005"},"notes":[{"CveYear":"2005","CveId":"2146","Ordinal":"1","NoteData":"SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, uses insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server.","Type":"Description","Title":"CVE-2005-2146"},{"CveYear":"2005","CveId":"2146","Ordinal":"2","NoteData":"2005-07-05","Type":"Other","Title":"Published"},{"CveYear":"2005","CveId":"2146","Ordinal":"3","NoteData":"2021-06-15","Type":"Other","Title":"Modified"}]}}}