Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbMarcell FodorEDB-ID:21402
HistoryApr 19, 2002 - 12:00 a.m.

OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token Buffer Overflow

2002-04-1900:00:00
Marcell Fodor
www.exploit-db.com
133

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/4560/info

A buffer overflow condition exists in the OpenSSH server. The condition is exploitable by attackers with valid user credentials in versions 2.9.9 and higher. Exploitation does not require valid user credentials in versions prior to 2.9.9.

The vulnerability is related to the handling of Kerberos 4 TGT/AFS tokens passed by the client. An unbounded string copy operation may result in a stack overflow if the TGT/token data is malformed. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/21402.tar

Related

openvas 1
cve 1
nvd 1
cvelist 1
nessus 2
openvas
openvas
OpenSSH AFS/Kerberos ticket/token passing
2005-11-03 00:00:00
cve
cve
CVE-2002-0575
2003-04-02 05:00:00
nvd
nvd
CVE-2002-0575
2002-06-18 04:00:00
cvelist
cvelist
CVE-2002-0575
2003-04-02 05:00:00
nessus
nessus
OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
2002-05-12 00:00:00
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
2011-08-29 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:21402
openvas1cve1nvd1cvelist1nessus2