Lucene search

[email protected]CVE-2002-1645

HistoryMar 28, 2005 - 5:00 a.m.

CVE-2002-1645

2005-03-2805:00:00

[email protected]

web.nvd.nist.gov

cve-2002-1645

buffer overflow

ssh secure shell

remote code execution

nvd

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL.

Affected configurations

NVD

Node

sshssh2Match3.1

sshssh2Match3.1.1

sshssh2Match3.1.2

sshssh2Match3.1.3

sshssh2Match3.1.4

sshssh2Match3.2

CPENameOperatorVersion
ssh:ssh2ssh ssh2eq3.1
ssh:ssh2ssh ssh2eq3.1.1
ssh:ssh2ssh ssh2eq3.1.2
ssh:ssh2ssh ssh2eq3.1.3
ssh:ssh2ssh ssh2eq3.1.4
ssh:ssh2ssh ssh2eq3.2

CPE	Name	Operator	Version
ssh:ssh2	ssh ssh2	eq	3.1
ssh:ssh2	ssh ssh2	eq	3.1.1
ssh:ssh2	ssh ssh2	eq	3.1.2
ssh:ssh2	ssh ssh2	eq	3.1.3
ssh:ssh2	ssh ssh2	eq	3.1.4
ssh:ssh2	ssh ssh2	eq	3.2

References

www.kb.cert.org/vuls/id/140977

www.securityfocus.com/bid/6263

www.ssh.com/company/newsroom/article/287/

exchange.xforce.ibmcloud.com/vulnerabilities/10723

10 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

8.2 High

AI Score

Confidence

Low

0.018 Low

EPSS

Percentile

88.2%

JSON

Related for CVE-2002-1645

cvelist1 nvd1