CVE-1999-0547: An SSH server allows authentication through the .rhosts file.
An SSH server allows authentication through the .rhosts file.
AI Analysis
Technical Summary
CVE-1999-0547 is a critical vulnerability in certain SSH server implementations that accept authentication based on the legacy .rhosts file. The .rhosts file is a per-user configuration file used on older UNIX systems to list trusted hosts and users that may log in without supplying a password. In this vulnerability the SSH server trusts .rhosts entries for authentication, bypassing stronger mechanisms such as password or key-based authentication. An attacker who can spoof, or control an entry for, a host or user named in the .rhosts file can therefore gain unauthorized access to the SSH server without presenting any credentials. The vulnerability has a CVSS score of 10.0, which reflects a network attack vector, low attack complexity, no authentication required, and complete confidentiality, integrity, and availability impact. Although the vulnerability dates from 1999 and modern SSH implementations have long deprecated .rhosts authentication, legacy systems and outdated SSH servers may still be vulnerable. Exploitation requires no user interaction and is performed remotely over the network, so the flaw is highly dangerous wherever it is present. No patches are available, as this is a design flaw in a legacy authentication method; mitigation relies on disabling .rhosts authentication and upgrading the SSH server software.
Potential Impact
For European organizations, this vulnerability poses a severe risk if legacy UNIX or Linux systems running outdated SSH servers are still in use, particularly in critical infrastructure, government, or industrial environments where legacy systems often persist. Successful exploitation allows attackers to gain full remote access with root or administrative privileges, leading to complete system compromise. This can result in data breaches, disruption of services, espionage, or lateral movement within networks. The impact on confidentiality, integrity, and availability is total, potentially affecting sensitive personal data protected under GDPR, intellectual property, and operational continuity. Given the ease of exploitation and the critical nature of SSH as a remote administration tool, organizations relying on vulnerable SSH servers face a significant threat to their cybersecurity posture.
Mitigation Recommendations
European organizations should immediately audit their SSH server configurations to ensure .rhosts authentication is disabled. This involves verifying that the SSH server configuration files (e.g., sshd_config) do not enable or support .rhosts or rhosts-based authentication methods. Systems running legacy SSH versions should be upgraded to modern, supported versions that have removed support for .rhosts authentication entirely. Network segmentation and strict firewall rules should be applied to limit SSH access to trusted IP addresses. Additionally, organizations should implement multi-factor authentication (MFA) for SSH access where possible and monitor SSH logs for suspicious authentication attempts. Legacy systems that cannot be upgraded should be isolated or replaced to eliminate exposure. Regular vulnerability scanning and penetration testing should include checks for this vulnerability to ensure compliance.
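The configuration audit recommended above can be scripted. The following is an added example written for this page, not code from the advisory or from any SSH project. It parses an sshd_config, reports the directives that make the server consult rhosts-style trust files (the legacy RhostsAuthentication and RhostsRSAAuthentication keywords, HostbasedAuthentication, and IgnoreRhosts), notes whether SSH protocol 1 is enabled, flags overrides inside Match blocks, and lists any .rhosts/.shosts files under a home-directory root. The three sample configurations are constructed for the demonstration; the default values assumed for absent directives follow sshd_config(5) for the directives that still exist and are assumed to be "no" for the legacy ones.

```python
"""Audit an sshd_config for rhosts-style trust (added example, not advisory code)."""
import re
from pathlib import Path

# Directive -> the value that is dangerous for this issue.
# RhostsAuthentication / RhostsRSAAuthentication: legacy (protocol 1 era) keywords
# that let sshd trust ~/.rhosts and /etc/hosts.equiv entries.
# HostbasedAuthentication: the protocol 2 successor; it still reads ~/.rhosts and
# ~/.shosts unless IgnoreRhosts is "yes".
RISKY_DIRECTIVES = {
    "rhostsauthentication": "yes",
    "rhostsrsaauthentication": "yes",
    "hostbasedauthentication": "yes",
    "ignorerhosts": "no",
}

# Assumed value when a directive is absent (sshd_config(5) defaults for the
# current keywords; "no" assumed for the legacy ones).
DEFAULTS = {
    "rhostsauthentication": "no",
    "rhostsrsaauthentication": "no",
    "hostbasedauthentication": "no",
    "ignorerhosts": "yes",
}


def parse_sshd_config(text):
    """Return ({directive_lower: value} for the global section, [Match-block lines]).

    Simplifications: anything after '#' is treated as a comment, and the first
    occurrence of a keyword wins, as it does in sshd.
    """
    settings, match_lines, in_match = {}, [], False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        # sshd accepts "Key value", "Key=value" and "Key = value"
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        if len(parts) != 2:
            continue
        key, value = parts[0].lower(), parts[1].strip()
        if key == "match":
            in_match = True          # everything after a Match line is conditional
        if in_match:
            match_lines.append(line)
            continue
        settings.setdefault(key, value)
    return settings, match_lines


def audit_sshd_config(text):
    """Return a list of findings; an empty list means no rhosts-style trust."""
    settings, match_lines = parse_sshd_config(text)
    findings = []
    for key, bad in RISKY_DIRECTIVES.items():
        value = settings.get(key, DEFAULTS[key]).lower()
        if value == bad:
            origin = "explicitly set" if key in settings else "default"
            findings.append(f"{key}={value} ({origin})")
    proto = settings.get("protocol", "")
    if "1" in proto.split(","):
        findings.append(f"protocol={proto} (SSH-1 enabled; RhostsRSAAuthentication applies to it)")
    for line in match_lines:
        if line.split(None, 1)[0].lower() in RISKY_DIRECTIVES:
            findings.append(f"match-block override: {line}")
    return findings


def find_rhosts_files(home_root):
    """List per-user .rhosts/.shosts files under home_root plus the system-wide
    hosts.equiv/shosts.equiv files, which are what the directives above consult."""
    root = Path(home_root)
    hits = [p for name in (".rhosts", ".shosts") for p in root.glob(f"*/{name}")]
    hits += [p for p in (Path("/etc/hosts.equiv"), Path("/etc/shosts.equiv")) if p.exists()]
    return hits


# Constructed samples, not taken from any real host.
SAMPLE_LEGACY_CONFIG = """\
# legacy server: protocol 1 still on, rhosts trust enabled
Port 22
Protocol 2,1
RhostsRSAAuthentication yes
IgnoreRhosts no
PasswordAuthentication yes
"""

SAMPLE_HARDENED_CONFIG = """\
# modern defaults made explicit
Port 22
HostbasedAuthentication no
IgnoreRhosts yes
PasswordAuthentication no
PubkeyAuthentication yes
"""

SAMPLE_MATCH_CONFIG = """\
# globally clean, but a Match block re-enables host-based trust for a subnet
HostbasedAuthentication no
IgnoreRhosts yes
Match Address 10.0.0.0/8
    HostbasedAuthentication yes
"""

if __name__ == "__main__":
    for name, cfg in (("legacy", SAMPLE_LEGACY_CONFIG), ("hardened", SAMPLE_HARDENED_CONFIG),
                      ("match", SAMPLE_MATCH_CONFIG)):
        print(name, audit_sshd_config(cfg) or "clean")
    print("trust files:", find_rhosts_files("/home"))
```

Run the audit against the live file with `audit_sshd_config(Path("/etc/ssh/sshd_config").read_text())`; a clean global section is not enough on its own, which is why Match-block overrides are reported separately, and a server that rejects the legacy keywords with "Bad configuration option" when they are set is one that no longer supports them.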
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland, Belgium, Sweden, Finland
Threat ID: 682ca32bb6fd31d6ed7dec37
Added to database: 5/20/2025, 3:43:39 PM
Last enriched: 6/29/2025, 2:26:55 AM
Last updated: 2/7/2026, 7:26:50 AM