Lucene search

[email protected]CVE-2003-0695

HistoryOct 06, 2003 - 4:00 a.m.

CVE-2003-0695

2003-10-0604:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2003-0695

openssh

buffer management

denial of service

arbitrary code execution

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.9%

JSON

Multiple “buffer management errors” in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693.

CPENameOperatorVersion
openbsd:opensshopenbsd opensshle3.7.1

CPE	Name	Operator	Version
openbsd:openssh	openbsd openssh	le	3.7.1

References

distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000741

marc.info/?l=bugtraq&m=106373546332230&w=2

marc.info/?l=bugtraq&m=106381396120332&w=2

marc.info/?l=bugtraq&m=106381409220492&w=2

marc.info/?l=bugtraq&m=106382542403716&w=2

marc.info/?l=openbsd-security-announce&m=106375582924840

www.debian.org/security/2003/dsa-382

www.debian.org/security/2003/dsa-383

www.mandriva.com/security/advisories?name=MDKSA-2003:090

www.openssh.com/txt/buffer.adv

www.redhat.com/support/errata/RHSA-2003-280.html

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A452

7.2 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.015 Low

EPSS

Percentile

86.9%

JSON

Related for CVE-2003-0695

debian5 openvas14 debiancve3 cve2 nessus8 redhat1 osv2 cisco1 freebsd_advisory1 suse2 cert1 securityvulns2 ubuntucve1