Описание
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2003-0786
- http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html
- http://www.kb.cert.org/vuls/id/602204
- http://www.openssh.com/txt/sshpam.adv
- http://www.securityfocus.com/archive/1/338616
- http://www.securityfocus.com/archive/1/338617
- http://www.securityfocus.com/bid/8677
EPSS
CVE ID
Связанные уязвимости
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3. ...
EPSS