Описание
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
Ссылки
- Broken Link
- Broken Link
- Broken Link
- ExploitMailing List
- ExploitMailing List
- ExploitMailing List
- Third Party AdvisoryUS Government Resource
- Broken Link
- Broken Link
- Third Party AdvisoryUS Government Resource
- Broken Link
- Broken Link
- Broken Link
- Broken LinkThird Party AdvisoryVDB Entry
- Broken Link
- Broken Link
- Third Party Advisory
- Broken Link
- Broken Link
- Broken Link
Уязвимые конфигурации
Конфигурация 1Версия от 2.9.9 (включая) до 3.3 (включая)
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.31061
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-190
Связанные уязвимости
CVSS3: 9.8
debian
почти 23 года назад
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote at ...
github
около 3 лет назад
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
EPSS
Процентиль: 96%
0.31061
Средний
9.8 Critical
CVSS3
10 Critical
CVSS2
Дефекты
CWE-190