Lucene search
HistoryAug 31, 2004 - 4:00 a.m.
CVE-2004-1653
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
84.1%
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.
Affected configurations
Node
openbsdopensshRange≤3.9
Related
cvelist
cvelist
CVE-2004-1653
2005-02-20 05:00:00
fortinet
fortinet
CVE-2004-1653 SSH port forwarding exposes unprotected internal services
2020-06-26 00:00:00
threatpost
threatpost
Old SSH Vulnerability at Center of Credential-Stuffing Attacks
2016-10-13 11:27:58
debiancve
debiancve
CVE-2004-1653
2005-02-20 05:00:00
cve
cve
CVE-2004-1653
2005-02-20 05:00:00
openvas
openvas
OpenBSD OpenSSH 3.9 Port Bounce Vulnerability
2016-10-25 00:00:00
f5
f5
K40663742 : OpenSSH vulnerability CVE-2004-1653
2020-06-16 00:00:00
redhatcve
redhatcve
CVE-2004-1653
2015-10-30 09:17:36
thn
thn
12-Year-Old SSH Bug Exposes More than 2 Million IoT Devices
2016-10-13 21:00:00
nessus
nessus
OpenSSH >= 2.3.0 AllowTcpForwarding Port Bouncing
2011-12-01 00:00:00
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
2011-08-29 00:00:00
6.4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:P/A:N
6.3 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
84.1%
Related for NVD:CVE-2004-1653