4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.009 Low
EPSS
Percentile
82.3%
Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | openssh | < 1:9.2p1-2+deb12u2 | openssh_1:9.2p1-2+deb12u2_all.deb |
Debian | 11 | all | openssh | < 1:8.4p1-5+deb11u3 | openssh_1:8.4p1-5+deb11u3_all.deb |
Debian | 10 | all | openssh | < 1:7.9p1-10+deb10u2 | openssh_1:7.9p1-10+deb10u2_all.deb |
Debian | 999 | all | openssh | < 1:9.7p1-4 | openssh_1:9.7p1-4_all.deb |
Debian | 13 | all | openssh | < 1:9.6p1-4 | openssh_1:9.6p1-4_all.deb |