- EPSS 2.85%
- Veröffentlicht 19.12.2000 05:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
- EPSS 0.42%
- Veröffentlicht 11.12.2000 05:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
- EPSS 0.71%
- Veröffentlicht 08.06.2000 04:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
CVE-2000-0217
- EPSS 0.64%
- Veröffentlicht 24.02.2000 05:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.
CVE-2000-0143
- EPSS 0.07%
- Veröffentlicht 11.02.2000 05:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
CVE-1999-1010
- EPSS 0.24%
- Veröffentlicht 14.12.1999 05:00:00
- Zuletzt bearbeitet 16.04.2026 00:27:16
An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.