Lucene search
HistoryFeb 20, 2005 - 5:00 a.m.
CVE-2004-1653
openssh
configuration
allowtcpforwarding
port bounce
remote authentication
cve-2004-1653
9.1 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.01 Low
EPSS
Percentile
84.0%
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.
Affected configurations
Node
openbsdopensshRange≤3.9
| CPE | Name | Operator | Version |
|---|---|---|---|
| openbsd:openssh | openbsd openssh | le | 3.9 |
Related
fortinet
fortinet
CVE-2004-1653 SSH port forwarding exposes unprotected internal services
2020-06-26 00:00:00
cvelist
cvelist
CVE-2004-1653
2005-02-20 05:00:00
nvd
nvd
CVE-2004-1653
2004-08-31 04:00:00
threatpost
threatpost
Old SSH Vulnerability at Center of Credential-Stuffing Attacks
2016-10-13 11:27:58
debiancve
debiancve
CVE-2004-1653
2005-02-20 05:00:00
thn
thn
12-Year-Old SSH Bug Exposes More than 2 Million IoT Devices
2016-10-13 21:00:00
openvas
openvas
OpenBSD OpenSSH 3.9 Port Bounce Vulnerability
2016-10-25 00:00:00
redhatcve
redhatcve
CVE-2004-1653
2015-10-30 09:17:36
f5
f5
K40663742 : OpenSSH vulnerability CVE-2004-1653
2020-06-16 00:00:00
nessus
nessus
OpenSSH >= 2.3.0 AllowTcpForwarding Port Bouncing
2011-12-01 00:00:00
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
2011-08-29 00:00:00
9.1 High
AI Score
Confidence
High
6.4 Medium
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
0.01 Low
EPSS
Percentile
84.0%
Related for CVE-2004-1653