Описание
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
Ссылки
- US Government Resource
- US Government Resource
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
EPSS
Процентиль: 88%
0.04175
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
debian
почти 22 года назад
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3. ...
github
больше 3 лет назад
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
EPSS
Процентиль: 88%
0.04175
Низкий
10 Critical
CVSS2
Дефекты
NVD-CWE-Other