Lucene search

K
osvGoogleOSV:DSA-383
HistorySep 17, 2003 - 12:00 a.m.

ssh-krb5 - possible remote vulnerability

2003-09-1700:00:00
Google
osv.dev
3

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Several bugs have been found in OpenSSH’s buffer handling. It is not
known if these bugs are exploitable, but as a precaution an upgrade is
advised.

DSA-383-2:
This advisory is an addition to the earlier DSA-383-1 advisory: Solar
Designer found four more bugs in OpenSSH that may be exploitable.

For the Debian stable distribution these bugs have been fixed in version
1:3.4p1-0woody4.

We recommend that you update your ssh-krb5 package.

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

Related for OSV:DSA-383