CVE-2003-0695
- EPSS 3.61%
- Veröffentlicht 06.10.2003 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:02:39
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a differe...
- EPSS 9.89%
- Veröffentlicht 22.09.2003 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:02:39
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CV...
CVE-2003-0386
- EPSS 5.77%
- Veröffentlicht 02.07.2003 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:02:06
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse...
- EPSS 76.75%
- Veröffentlicht 12.05.2003 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:43
OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.
CVE-2002-0765
- EPSS 1.28%
- Veröffentlicht 12.08.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:58:05
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
- EPSS 18.43%
- Veröffentlicht 03.07.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:50
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
- EPSS 27.32%
- Veröffentlicht 03.07.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:50
Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authenticat...
CVE-2002-0575
- EPSS 4.21%
- Veröffentlicht 18.06.2002 04:00:00
- Zuletzt bearbeitet 16.06.2026 21:57:42
Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.
- EPSS 14.8%
- Veröffentlicht 15.03.2002 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:44
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVE-2001-1507
- EPSS 2.24%
- Veröffentlicht 31.12.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:56:24
OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.