CVE-2002-1359

EPSS 87%
Veröffentlicht 23.12.2002 05:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 10

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Cisco ≫ Ios Version12.0s

Cisco ≫ Ios Version12.0st

Cisco ≫ Ios Version12.1e

Cisco ≫ Ios Version12.1ea

Cisco ≫ Ios Version12.1t

Cisco ≫ Ios Version12.2

Cisco ≫ Ios Version12.2s

Cisco ≫ Ios Version12.2t

Fissh ≫ Ssh Client Version1.0a_for_windows

Intersoft ≫ Securenetterm Version5.4.1

Netcomposite ≫ Shellguard Ssh Version3.4.6

Pragma Systems ≫ Secureshell Version2.0

PuTTY ≫ PuTTY Version0.48

PuTTY ≫ PuTTY Version0.49

PuTTY ≫ PuTTY Version0.53

WinSCP ≫ WinSCP Version2.0.0

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	87%	0.994

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	10	10	10	AV:N/AC:L/Au:N/C:C/I:C/A:C

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0110.html

Vendor Advisory

http://securitytracker.com/id?1005812

http://securitytracker.com/id?1005813

http://www.cert.org/advisories/CA-2002-36.html

Third Party Advisory

US Government Resource

http://www.securityfocus.com/bid/6407

https://exchange.xforce.ibmcloud.com/vulnerabilities/10870

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5848

https://nvd.nist.gov/vuln/detail/CVE-2002-1359

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2002-1359

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2002-1359

EUVD