Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2003-0786HistoryNov 17, 2003 - 5:00 a.m.
CVE-2003-0786
2003-11-1705:00:00
Debian Security Bug Tracker
security-tracker.debian.org
8
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
88.0%
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
| Debian | 11 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
| Debian | 10 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
| Debian | 999 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
| Debian | 13 | all | openssh | < 1:3.7.1p2 | openssh_1:3.7.1p2_all.deb |
Related
cve
cve
CVE-2003-0786
2003-11-17 05:00:00
cert
cert
OpenSSH PAM challenge authentication failure
2003-09-23 00:00:00
OpenSSH contains buffer management errors
2003-09-16 00:00:00
nessus
nessus
OpenSSH < 3.7.1p2 Multiple Remote Vulnerabilities
2003-09-23 00:00:00
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
2011-08-29 00:00:00
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.018 Low
EPSS
Percentile
88.0%
Related for DEBIANCVE:CVE-2003-0786