Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cveMitreCVE-2002-0640
HistoryApr 02, 2003 - 5:00 a.m.

CVE-2002-0640

2003-04-0205:00:00
mitre
web.nvd.nist.gov
596
cve-2002-0640
buffer overflow
openssh
remote code execution
vulnerability

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.8

Confidence

High

EPSS

0.557

Percentile

97.7%

JSON

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Affected configurations

Nvd
Node
openbsdopensshMatch1.2.2
OR
openbsdopensshMatch1.2.3
OR
openbsdopensshMatch2.1
OR
openbsdopensshMatch2.1.1
OR
openbsdopensshMatch2.2
OR
openbsdopensshMatch2.3
OR
openbsdopensshMatch2.5
OR
openbsdopensshMatch2.5.1
OR
openbsdopensshMatch2.5.2
OR
openbsdopensshMatch2.9
OR
openbsdopensshMatch2.9.9
OR
openbsdopensshMatch2.9p1
OR
openbsdopensshMatch2.9p2
OR
openbsdopensshMatch3.0
OR
openbsdopensshMatch3.0.1
OR
openbsdopensshMatch3.0.1p1
OR
openbsdopensshMatch3.0.2
OR
openbsdopensshMatch3.0.2p1
OR
openbsdopensshMatch3.0p1
OR
openbsdopensshMatch3.1
OR
openbsdopensshMatch3.1p1
OR
openbsdopensshMatch3.2
OR
openbsdopensshMatch3.2.2p1
OR
openbsdopensshMatch3.2.3p1
OR
openbsdopensshMatch3.3
OR
openbsdopensshMatch3.3p1
VendorProductVersionCPE
openbsdopenssh1.2.2cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
openbsdopenssh1.2.3cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
openbsdopenssh2.1cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
openbsdopenssh2.1.1cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
openbsdopenssh2.2cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
openbsdopenssh2.3cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
openbsdopenssh2.5cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
openbsdopenssh2.5.1cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
openbsdopenssh2.5.2cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
openbsdopenssh2.9cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
Rows per page:
1-10 of 261

References

Related

debiancve 1
exploitdb 2
openvas 4
cvelist 1
suse 1
nvd 1
nessus 6
redhatcve 1
zdt 1
githubexploit 1
packetstorm 1
debiancve
debiancve
CVE-2002-0640
2003-04-02 05:00:00
exploitdb
exploitdb
OpenSSH 3.x - Challenge-Response Buffer Overflow (2)
2002-06-24 00:00:00
OpenSSH 3.x - Challenge-Response Buffer Overflow (1)
2002-06-24 00:00:00
openvas
openvas
OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
2011-12-07 00:00:00
OpenSSH 'sshd' Challenge Response Authentication Buffer Overflow Vulnerability
2011-12-07 00:00:00
Debian Security Advisory DSA 134-1 (ssh)
2008-01-17 00:00:00
cvelist
cvelist
CVE-2002-0640
2003-04-02 05:00:00
suse
suse
possible remote access in openssh
2002-07-02 20:02:22
nvd
nvd
CVE-2002-0640
2002-07-03 04:00:00
nessus
nessus
RHEL 2.1 : openssh (RHSA-2002:131)
2004-07-06 00:00:00
Mandrake Linux Security Advisory : openssh (MDKSA-2002:040-1)
2004-07-31 00:00:00
OpenSSH Kerberos TGT/AFS Token Passing Remote Overflow
2002-05-12 00:00:00
redhatcve
redhatcve
CVE-2002-0639
2015-10-30 10:31:30
zdt
zdt
OpenSSH Server regreSSHion Remote Code Execution Vulnerability
2024-07-02 00:00:00
githubexploit
githubexploit
Exploit for Race Condition in Openbsd Openssh
2024-07-02 02:54:05
packetstorm
packetstorm
OpenSSH Server regreSSHion Remote Code Execution
2024-07-01 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

9.8

Confidence

High

EPSS

0.557

Percentile

97.7%

JSON
Related for CVE-2002-0640
debiancve1exploitdb2openvas4cvelist1suse1nvd1nessus6redhatcve1zdt1githubexploit1packetstorm1