Search...

CVE-2002-1715

2002-12-31T00:00:00

ID CVE-2002-1715
Type cve
Reporter NVD
Modified 2017-07-10T21:29:21

Description

SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.

JSON Vulners Source

Initial Source

{"id": "CVE-2002-1715", "bulletinFamily": "NVD", "title": "CVE-2002-1715", "description": "SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.", "published": "2002-12-31T00:00:00", "modified": "2017-07-10T21:29:21", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1715", "reporter": "NVD", "references": ["https://exchange.xforce.ibmcloud.com/vulnerabilities/8908", "http://www.securityfocus.com/bid/4547"], "cvelist": ["CVE-2002-1715"], "type": "cve", "lastseen": "2017-07-11T11:14:12", "history": [{"bulletin": {"assessment": {"href": "", "name": "", "system": ""}, "bulletinFamily": "NVD", "cpe": ["cpe:/a:ssh:ssh:1.2.3", "cpe:/a:ssh:ssh:1.2.21", "cpe:/a:ssh:ssh2:2.0.8", "cpe:/a:ssh:ssh:1.2.20", "cpe:/a:ssh:ssh:1.2.23", "cpe:/a:ssh:ssh2:2.0.5", "cpe:/a:ssh:ssh2:2.0.1", "cpe:/a:ssh:ssh:1.2.22", "cpe:/a:ssh:ssh2:2.0.10", "cpe:/a:ssh:ssh:1.2.28", "cpe:/a:ssh:ssh:1.2.8", "cpe:/a:ssh:ssh:1.2.12", "cpe:/a:ssh:ssh:1.2.6", "cpe:/a:ssh:ssh:1.2.25", "cpe:/a:ssh:ssh:1.2.11", "cpe:/a:ssh:ssh2:2.2", "cpe:/a:ssh:ssh2:2.1", "cpe:/a:ssh:ssh:1.2.19", "cpe:/a:ssh:ssh:1.2.24", "cpe:/a:ssh:ssh:1.2.31", "cpe:/a:ssh:ssh:1.2.26", "cpe:/a:ssh:ssh2:2.0.3", "cpe:/a:ssh:ssh:1.2.2", "cpe:/a:ssh:ssh2:2.0.12", "cpe:/a:ssh:ssh:1.2.5", "cpe:/a:ssh:ssh2:2.0.4", "cpe:/a:ssh:ssh:1.2.1", "cpe:/a:ssh:ssh2:3.0", "cpe:/a:ssh:ssh:1.2.27", "cpe:/a:ssh:ssh2:2.5", "cpe:/a:ssh:ssh2:2.3", "cpe:/a:ssh:ssh2:2.0.7", "cpe:/a:ssh:ssh2:2.0.9", "cpe:/a:ssh:ssh:1.2.13", "cpe:/a:ssh:ssh:1.2.29", "cpe:/a:ssh:ssh:1.2.15", "cpe:/a:ssh:ssh:1.2.17", "cpe:/a:ssh:ssh:1.2.16", "cpe:/a:ssh:ssh:1.2.10", "cpe:/a:ssh:ssh2:2.0.13", "cpe:/a:ssh:ssh:1.2.0", "cpe:/a:ssh:ssh2:2.4", "cpe:/a:ssh:ssh2:2.0.11", "cpe:/a:ssh:ssh:1.2.18", "cpe:/a:ssh:ssh:1.2.9", "cpe:/a:ssh:ssh:1.2.30", "cpe:/a:ssh:ssh:1.2.4", "cpe:/a:ssh:ssh:1.2.7", "cpe:/a:ssh:ssh2:2.0.2", "cpe:/a:ssh:ssh:1.2.14", "cpe:/a:ssh:ssh2:2.0.6", "cpe:/a:ssh:ssh2:2.0"], "cvelist": ["CVE-2002-1715"], "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "description": "SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.", "edition": 1, "enchantments": {}, "hash": "f03e484692214158345d35de29d65d7dc14ed4b581b98b2dd193b1d5a8dabe4a", "hashmap": [{"hash": "4210437f4530fbb070718c019cf42b8d", "key": "title"}, {"hash": "d41d8cd98f00b204e9800998ecf8427e", "key": "scanner"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "reporter"}, {"hash": "fa8f175a7bffc00ed9a46e7e15a7daa8", "key": "modified"}, {"hash": "cfd16da9581e0c21db590e40dfd9e493", "key": "cvss"}, {"hash": "6d3f4796275bb54c21a33b82f399cc6d", "key": "assessment"}, {"hash": "1241ea068b9c79ed62c0d053757135f0", "key": "description"}, {"hash": "583a14ee9813368adc131b41d1a4b64b", "key": "references"}, {"hash": "d197061c46fbc4f431a41ab37ad34e95", "key": "cvelist"}, {"hash": "16bd6e4853bc7bf6e8f842668d2e9c94", "key": "href"}, {"hash": "1716b5fcbb7121af74efdc153d0166c5", "key": "type"}, {"hash": "5a2353c589f14c36fcf6561b7e801ad1", "key": "cpe"}, {"hash": "601892ece72be3be2f57266ca2354792", "key": "bulletinFamily"}, {"hash": "acc4130deae029fcb579f5daed93f172", "key": "published"}], "history": [], "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2002-1715", "id": "CVE-2002-1715", "lastseen": "2016-09-03T03:41:43", "modified": "2008-09-05T16:31:19", "objectVersion": "1.2", "published": "2002-12-31T00:00:00", "references": ["http://xforce.iss.net/xforce/xfdb/8908", "http://www.securityfocus.com/bid/4547"], "reporter": "NVD", "scanner": [], "title": "CVE-2002-1715", "type": "cve", "viewCount": 2}, "differentElements": ["references", "modified"], "edition": 1, "lastseen": "2016-09-03T03:41:43"}], "edition": 2, "hashmap": [{"key": "assessment", "hash": "6d3f4796275bb54c21a33b82f399cc6d"}, {"key": "bulletinFamily", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "cpe", "hash": "5a2353c589f14c36fcf6561b7e801ad1"}, {"key": "cvelist", "hash": "d197061c46fbc4f431a41ab37ad34e95"}, {"key": "cvss", "hash": "cfd16da9581e0c21db590e40dfd9e493"}, {"key": "description", "hash": "1241ea068b9c79ed62c0d053757135f0"}, {"key": "href", "hash": "16bd6e4853bc7bf6e8f842668d2e9c94"}, {"key": "modified", "hash": "8e4203d2ce73dd1e8eeed2cf180d7d55"}, {"key": "published", "hash": "acc4130deae029fcb579f5daed93f172"}, {"key": "references", "hash": "5e4b0f8239efb063ddc1616ad64de44f"}, {"key": "reporter", "hash": "601892ece72be3be2f57266ca2354792"}, {"key": "scanner", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "title", "hash": "4210437f4530fbb070718c019cf42b8d"}, {"key": "type", "hash": "1716b5fcbb7121af74efdc153d0166c5"}], "hash": "1827af1b3b1a47cdf89c7ac213753bf6c90cbfd9914b03c526f86d13d33274ac", "viewCount": 2, "enchantments": {"score": {"value": 7.2, "vector": "NONE", "modified": "2017-07-11T11:14:12"}, "vulnersScore": 7.2}, "objectVersion": "1.3", "cpe": ["cpe:/a:ssh:ssh:1.2.3", "cpe:/a:ssh:ssh:1.2.21", "cpe:/a:ssh:ssh2:2.0.8", "cpe:/a:ssh:ssh:1.2.20", "cpe:/a:ssh:ssh:1.2.23", "cpe:/a:ssh:ssh2:2.0.5", "cpe:/a:ssh:ssh2:2.0.1", "cpe:/a:ssh:ssh:1.2.22", "cpe:/a:ssh:ssh2:2.0.10", "cpe:/a:ssh:ssh:1.2.28", "cpe:/a:ssh:ssh:1.2.8", "cpe:/a:ssh:ssh:1.2.12", "cpe:/a:ssh:ssh:1.2.6", "cpe:/a:ssh:ssh:1.2.25", "cpe:/a:ssh:ssh:1.2.11", "cpe:/a:ssh:ssh2:2.2", "cpe:/a:ssh:ssh2:2.1", "cpe:/a:ssh:ssh:1.2.19", "cpe:/a:ssh:ssh:1.2.24", "cpe:/a:ssh:ssh:1.2.31", "cpe:/a:ssh:ssh:1.2.26", "cpe:/a:ssh:ssh2:2.0.3", "cpe:/a:ssh:ssh:1.2.2", "cpe:/a:ssh:ssh2:2.0.12", "cpe:/a:ssh:ssh:1.2.5", "cpe:/a:ssh:ssh2:2.0.4", "cpe:/a:ssh:ssh:1.2.1", "cpe:/a:ssh:ssh2:3.0", "cpe:/a:ssh:ssh:1.2.27", "cpe:/a:ssh:ssh2:2.5", "cpe:/a:ssh:ssh2:2.3", "cpe:/a:ssh:ssh2:2.0.7", "cpe:/a:ssh:ssh2:2.0.9", "cpe:/a:ssh:ssh:1.2.13", "cpe:/a:ssh:ssh:1.2.29", "cpe:/a:ssh:ssh:1.2.15", "cpe:/a:ssh:ssh:1.2.17", "cpe:/a:ssh:ssh:1.2.16", "cpe:/a:ssh:ssh:1.2.10", "cpe:/a:ssh:ssh2:2.0.13", "cpe:/a:ssh:ssh:1.2.0", "cpe:/a:ssh:ssh2:2.4", "cpe:/a:ssh:ssh2:2.0.11", "cpe:/a:ssh:ssh:1.2.18", "cpe:/a:ssh:ssh:1.2.9", "cpe:/a:ssh:ssh:1.2.30", "cpe:/a:ssh:ssh:1.2.4", "cpe:/a:ssh:ssh:1.2.7", "cpe:/a:ssh:ssh2:2.0.2", "cpe:/a:ssh:ssh:1.2.14", "cpe:/a:ssh:ssh2:2.0.6", "cpe:/a:ssh:ssh2:2.0"], "assessment": {"href": "", "name": "", "system": ""}, "scanner": []}

{"exploitdb": [{"lastseen": "2016-02-02T16:23:05", "osvdbidlist": ["23589"], "references": [], "description": "SSH2 3.0 Restricted Shell Escaping Command Execution Vulnerability. CVE-2002-1715. Local exploit for linux platform", "edition": 1, "reporter": "A.Dimitrov", "published": "2002-04-18T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.2}}, "type": "exploitdb", "title": "SSH2 3.0 Restricted Shell Escaping Command Execution Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2002-1715"], "modified": "2002-04-18T00:00:00", "id": "EDB-ID:21398", "href": "https://www.exploit-db.com/exploits/21398/", "sourceData": "source: http://www.securityfocus.com/bid/4547/info\r\n\r\nSSH (and derivatives) is the protocol Secure Shell protocol implementation. It is available for various operating systems, although this vulnerability affects operating systems such as Unix and Linux.\r\n\r\nIt has been reported that it is possible for a remote user to upload files to world-writeable directories, and execute commands from world-writeable directories. In doing so, a user may be able to upload a script, and execute the script to gain access to a regular shell on the system. This would allow the user unrestricted, but unprivileged access.\r\n\r\nAfter uploading 'malicious' to /tmp:\r\n\r\nssh -l user host '/tmp/malicious' ", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/21398/"}], "osvdb": [{"lastseen": "2017-04-28T13:20:20", "references": [], "edition": 1, "description": "# No description provided by the source\n\n## References:\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/2002-04/0245.html\nISS X-Force ID: 8908\n[CVE-2002-1715](https://vulners.com/cve/CVE-2002-1715)\nBugtraq ID: 4547\n", "reporter": "OSVDB", "published": "2002-04-18T22:23:20", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "SSH Directory Permission Weakness Restricted Shell Bypass", "type": "osvdb", "bulletinFamily": "software", "affectedSoftware": [], "cvelist": ["CVE-2002-1715"], "modified": "2002-04-18T22:23:20", "href": "https://vulners.com/osvdb/OSVDB:23589", "id": "OSVDB:23589", "cvss": {"score": 7.2, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}