Lucene search
HistoryNov 17, 2003 - 5:00 a.m.
CVE-2003-0787
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.009
Percentile
83.3%
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
Affected configurations
Node
openbsdopensshMatch3.7.1
ORopenbsdopensshMatch3.7.1p1
Related
f5
f5
SOL5873 - PAM conversation stack corruption in OpenSSH - CVE-2003-0787
2007-05-16 00:00:00
K5873 : PAM conversation stack corruption in OpenSSH - CVE-2003-0787
2013-03-27 00:00:00
cvelist
cvelist
CVE-2003-0787
2003-09-25 04:00:00
debiancve
debiancve
CVE-2003-0787
2003-11-17 05:00:00
cert
cert
Portable OpenSSH server PAM conversion stack corruption
2003-09-24 00:00:00
cve
cve
CVE-2003-0787
2003-11-17 05:00:00
redhatcve
redhatcve
CVE-2003-0787
2015-10-30 10:02:45
nessus
nessus
OpenSSH < 3.7.1p2 Multiple Remote Vulnerabilities
2003-09-23 00:00:00
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
2011-08-29 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
6.6
Confidence
Low
EPSS
0.009
Percentile
83.3%
Related for NVD:CVE-2003-0787