10
CVE-2002-1359
- EPSS 80.23%
- Veröffentlicht 23.12.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:59:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Fissh ≫ Ssh Client Version1.0a_for_windows
Intersoft ≫ Securenetterm Version5.4.1
Netcomposite ≫ Shellguard Ssh Version3.4.6
Pragma Systems ≫ Secureshell Version2.0
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 80.23% | 0.996 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 10 | 10 | 10 |
AV:N/AC:L/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html
http://securitytracker.com/id?1005812
http://securitytracker.com/id?1005813
http://www.cert.org/advisories/CA-2002-36.html
http://www.securityfocus.com/bid/6407
https://exchange.xforce.ibmcloud.com/vulnerabilities/10870
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848