CVE-2001-0144

Опубликовано: 12 мар. 2001

Источник: nvd

CVSS2: 10

EPSS Средний

Описание

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Ссылки

http://marc.info/?l=bugtraq&m=98168366406903&w=2
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
Patch
Vendor Advisory
http://www.cert.org/advisories/CA-2001-35.html
US Government Resource
http://www.osvdb.org/503
http://www.osvdb.org/795
http://www.securityfocus.com/bid/2347
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
http://marc.info/?l=bugtraq&m=98168366406903&w=2
http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
Patch
Vendor Advisory
http://www.cert.org/advisories/CA-2001-35.html
US Government Resource
http://www.osvdb.org/503
http://www.osvdb.org/795
http://www.securityfocus.com/bid/2347
Exploit
Patch
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/6083

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*

cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.63977

Средний

10 Critical

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-xrvw-f7p8-2hqm

github

больше 3 лет назад