CVE-2000-0992

2000-12-1905:00:00

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

6.5

Confidence

Low

EPSS

0.008

Percentile

81.3%

JSON

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a … (dot dot) attack.

Affected configurations

Nvd

Node

openbsdopensshMatch1.2

openbsdopensshMatch1.2.3

sshsshMatch1.2.14

sshsshMatch1.2.15

sshsshMatch1.2.16

sshsshMatch1.2.17

sshsshMatch1.2.18

sshsshMatch1.2.19

sshsshMatch1.2.20

sshsshMatch1.2.21

sshsshMatch1.2.22

sshsshMatch1.2.23

sshsshMatch1.2.24

sshsshMatch1.2.25

sshsshMatch1.2.26

sshsshMatch1.2.27

sshsshMatch1.2.28

sshsshMatch1.2.29

sshsshMatch1.2.30

sshsshMatch1.2.31

VendorProductVersionCPE
openbsdopenssh1.2cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
openbsdopenssh1.2.3cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
sshssh1.2.14cpe:2.3:a:ssh:ssh:1.2.14:*:*:*:*:*:*:*
sshssh1.2.15cpe:2.3:a:ssh:ssh:1.2.15:*:*:*:*:*:*:*
sshssh1.2.16cpe:2.3:a:ssh:ssh:1.2.16:*:*:*:*:*:*:*
sshssh1.2.17cpe:2.3:a:ssh:ssh:1.2.17:*:*:*:*:*:*:*
sshssh1.2.18cpe:2.3:a:ssh:ssh:1.2.18:*:*:*:*:*:*:*
sshssh1.2.19cpe:2.3:a:ssh:ssh:1.2.19:*:*:*:*:*:*:*
sshssh1.2.20cpe:2.3:a:ssh:ssh:1.2.20:*:*:*:*:*:*:*
sshssh1.2.21cpe:2.3:a:ssh:ssh:1.2.21:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
openbsd	openssh	1.2	cpe:2.3:a:openbsd:openssh:1.2:::::::*
openbsd	openssh	1.2.3	cpe:2.3:a:openbsd:openssh:1.2.3:::::::*
ssh	ssh	1.2.14	cpe:2.3:a:ssh:ssh:1.2.14:::::::*
ssh	ssh	1.2.15	cpe:2.3:a:ssh:ssh:1.2.15:::::::*
ssh	ssh	1.2.16	cpe:2.3:a:ssh:ssh:1.2.16:::::::*
ssh	ssh	1.2.17	cpe:2.3:a:ssh:ssh:1.2.17:::::::*
ssh	ssh	1.2.18	cpe:2.3:a:ssh:ssh:1.2.18:::::::*
ssh	ssh	1.2.19	cpe:2.3:a:ssh:ssh:1.2.19:::::::*
ssh	ssh	1.2.20	cpe:2.3:a:ssh:ssh:1.2.20:::::::*
ssh	ssh	1.2.21	cpe:2.3:a:ssh:ssh:1.2.21:::::::*