4.6

CVE-2003-0047

EPSS 0.48%
Veröffentlicht 19.02.2003 05:00:00
Zuletzt bearbeitet 16.06.2026 22:01:24
Quelle cve@mitre.org
CVE-Watchlists
Login
Unerledigt
Login

SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

NVD 5 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Van Dyke Technologies ≫ Entunnel Version <= 1.0.2

Van Dyke Technologies ≫ Securecrt Version3.4.7

Van Dyke Technologies ≫ Securecrt Version4.0.2

Van Dyke Technologies ≫ Securefx Version2.0.4

Van Dyke Technologies ≫ Securefx Version2.1.2

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.48%	0.374

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	4.6	3.9	6.4	AV:L/AC:L/Au:N/C:P/I:P/A:P

Es wurden noch keine Informationen zu CWE veröffentlicht.

http://marc.info/?l=bugtraq&m=104386492422014&w=2

http://www.idefense.com/advisory/01.28.03.txt

Patch

Vendor Advisory

http://www.securityfocus.com/bid/6726

http://www.securityfocus.com/bid/6727

http://www.securityfocus.com/bid/6728

http://www.securitytracker.com/id?1006010

http://www.securitytracker.com/id?1006011

http://www.securitytracker.com/id?1006012

https://nvd.nist.gov/vuln/detail/CVE-2003-0047

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2003-0047

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2003-0047

EUVD