CVE-2003-1120

Опубликовано: 31 дек. 2003

Источник: nvd

CVSS2: 3.7

EPSS Низкий

Описание

Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.

Ссылки

http://secunia.com/advisories/11193
http://securitytracker.com/alerts/2004/Mar/1009532.html
http://www.kb.cert.org/vuls/id/814198
Patch
Third Party Advisory
US Government Resource
http://www.osvdb.org/displayvuln.php?osvdb_id=4491
http://www.securityfocus.com/bid/9956
Patch
http://www.ssh.com/company/newsroom/article/520/
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15585
http://secunia.com/advisories/11193
http://securitytracker.com/alerts/2004/Mar/1009532.html
http://www.kb.cert.org/vuls/id/814198
Patch
Third Party Advisory
US Government Resource
http://www.osvdb.org/displayvuln.php?osvdb_id=4491
http://www.securityfocus.com/bid/9956
Patch
http://www.ssh.com/company/newsroom/article/520/
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/15585

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ssh:tectia_server:4.0.3:*:*:*:*:*:*:*

cpe:2.3:a:ssh:tectia_server:4.0.4:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00168

Низкий

3.7 Low

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

GHSA-9fjw-px98-qrx4

github

почти 4 года назад