TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2002-0639

CRITICAL
9.8

Beschreibung

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.

CVE Details

CVSS v3.1 Bewertung9.8
SchweregradCRITICAL
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionNONE
Veroffentlicht7/3/2002
Zuletzt geandert4/16/2026
Quellenvd
Honeypot-Sichtungen0

Betroffene Produkte

openbsd:openssh

Schwachen (CWE)

CWE-190

Referenzen

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txt(cve@mitre.org)
http://archives.neohapsis.com/archives/bugtraq/2002-06/0335.html(cve@mitre.org)
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502(cve@mitre.org)
http://marc.info/?l=bugtraq&m=102514371522793&w=2(cve@mitre.org)
http://marc.info/?l=bugtraq&m=102514631524575&w=2(cve@mitre.org)
http://marc.info/?l=bugtraq&m=102521542826833&w=2(cve@mitre.org)
http://www.cert.org/advisories/CA-2002-18.html(cve@mitre.org)
http://www.debian.org/security/2002/dsa-134(cve@mitre.org)
http://www.iss.net/security_center/static/9169.php(cve@mitre.org)
http://www.kb.cert.org/vuls/id/369347(cve@mitre.org)
http://www.linuxsecurity.com/advisories/other_advisory-2177.html(cve@mitre.org)
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:040(cve@mitre.org)
http://www.osvdb.org/6245(cve@mitre.org)
http://www.securityfocus.com/bid/5093(cve@mitre.org)
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0206-195(cve@mitre.org)
https://twitter.com/RooneyMcNibNug/status/1152332585349111810(cve@mitre.org)
https://web.archive.org/web/20080622172542/www.iss.net/threats/advise123.html(cve@mitre.org)
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txt(af854a3a-2127-422b-91ae-364da2661108)
http://archives.neohapsis.com/archives/bugtraq/2002-06/0335.html(af854a3a-2127-422b-91ae-364da2661108)
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=102514371522793&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=102514631524575&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://marc.info/?l=bugtraq&m=102521542826833&w=2(af854a3a-2127-422b-91ae-364da2661108)
http://www.cert.org/advisories/CA-2002-18.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2002/dsa-134(af854a3a-2127-422b-91ae-364da2661108)
http://www.iss.net/security_center/static/9169.php(af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/369347(af854a3a-2127-422b-91ae-364da2661108)
http://www.linuxsecurity.com/advisories/other_advisory-2177.html(af854a3a-2127-422b-91ae-364da2661108)
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:040(af854a3a-2127-422b-91ae-364da2661108)
http://www.osvdb.org/6245(af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/5093(af854a3a-2127-422b-91ae-364da2661108)
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0206-195(af854a3a-2127-422b-91ae-364da2661108)
https://twitter.com/RooneyMcNibNug/status/1152332585349111810(af854a3a-2127-422b-91ae-364da2661108)
https://web.archive.org/web/20080622172542/www.iss.net/threats/advise123.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.