Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2003-0786HistoryNov 17, 2003 - 5:00 a.m.
CVE-2003-0786
2003-11-1705:00:00
Debian Security Bug Tracker
security-tracker.debian.org
11
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.025
Percentile
90.2%
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
| Debian | 11 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
| Debian | 999 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
| Debian | 13 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
Related
nvd
nvd
CVE-2003-0786
2003-11-17 05:00:00
cve
cve
CVE-2003-0786
2003-11-17 05:00:00
cert
cert
OpenSSH PAM challenge authentication failure
2003-09-23 00:00:00
OpenSSH contains buffer management errors
2003-09-16 00:00:00
cvelist
cvelist
CVE-2003-0786
2003-09-25 04:00:00
nessus
nessus
OpenSSH < 3.7.1p2 Multiple Remote Vulnerabilities
2003-09-23 00:00:00
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
2011-08-29 00:00:00
CVSS2
10
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
0.025
Percentile
90.2%
Related for DEBIANCVE:CVE-2003-0786