7.5

CVE-2003-0386

Exploit
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenssh Version3.6.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 5.77% 0.921
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.apple.com/mhonarc/security-announce/msg00038.html
ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc
http://secunia.com/advisories/21129
http://secunia.com/advisories/21262
http://secunia.com/advisories/21724
http://secunia.com/advisories/22196
http://secunia.com/advisories/23680
http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm
http://www.kb.cert.org/vuls/id/978316
Patch
Third Party Advisory
US Government Resource
Exploit
http://www.redhat.com/support/errata/RHSA-2006-0298.html
http://www.redhat.com/support/errata/RHSA-2006-0698.html
http://www.securityfocus.com/archive/1/324016/2003-06-03/2003-06-09/0
Patch
Vendor Advisory
Exploit
http://www.securityfocus.com/bid/7831
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9894