Lucene search

[email protected]CVE-2002-0083

HistoryMar 15, 2002 - 5:00 a.m.

CVE-2002-0083

2002-03-1505:00:00

CWE-193

[email protected]

web.nvd.nist.gov

153

openssh

cve-2002-0083

off-by-one error

privilege escalation

channel code

local users

remote servers

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.6 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.3%

JSON

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

CPENameOperatorVersion
conectiva:linuxconectiva linuxeqgraficas
immunix:immuniximmunixeq7.0
conectiva:linuxconectiva linuxeq6.0
conectiva:linuxconectiva linuxeq5.1
openpkg:openpkgopenpkgeq1.0
conectiva:linuxconectiva linuxeqecommerce
mandrakesoft:mandrake_single_network_firewallmandrakesoft mandrake single network firewalleq7.2
conectiva:linuxconectiva linuxeq7.0
conectiva:linuxconectiva linuxeq5.0
openbsd:opensshopenbsd opensshlt3.1

CPE	Name	Operator	Version
conectiva:linux	conectiva linux	eq	graficas
immunix:immunix	immunix	eq	7.0
conectiva:linux	conectiva linux	eq	6.0
conectiva:linux	conectiva linux	eq	5.1
openpkg:openpkg	openpkg	eq	1.0
conectiva:linux	conectiva linux	eq	ecommerce
mandrakesoft:mandrake_single_network_firewall	mandrakesoft mandrake single network firewall	eq	7.2
conectiva:linux	conectiva linux	eq	7.0
conectiva:linux	conectiva linux	eq	5.0
openbsd:openssh	openbsd openssh	lt	3.1

Rows per page:

1-10 of 271

References

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc

ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt

ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt

archives.neohapsis.com/archives/bugtraq/2002-03/0108.html

archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467

marc.info/?l=bugtraq&m=101552065005254&w=2

marc.info/?l=bugtraq&m=101553908201861&w=2

marc.info/?l=bugtraq&m=101561384821761&w=2

marc.info/?l=bugtraq&m=101586991827622&w=2

online.securityfocus.com/advisories/3960

online.securityfocus.com/archive/1/264657

www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt

www.debian.org/security/2002/dsa-119

www.iss.net/security_center/static/8383.php

www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php

www.linuxsecurity.com/advisories/other_advisory-1937.html

www.novell.com/linux/security/advisories/2002_009_openssh_txt.html

www.openbsd.org/advisories/ssh_channelalloc.txt

www.osvdb.org/730

www.redhat.com/support/errata/RHSA-2002-043.html

www.securityfocus.com/bid/4241

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

6.6 Medium

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.009 Low

EPSS

Percentile

82.3%

JSON

Related for CVE-2002-0083

nessus5 openvas2 suse1 freebsd_advisory1 f52 cert1