Ssh2 Security Vulnerabilities and Issues — Ssh2 CVE List

SshSsh2

9 matches found

CVE•added 2000/04/10 4:0 a.m.•104 views

CVE-2000-0217

Technical details about CVE-2000-0217 are not provided in the connected documents. The supplied materials do not specify affected products/versions, root cause, or remediation. Monitor for updates in the available sources.

5.1CVSS6.6AI score0.00636EPSS

CVE•added 2005/03/28 5:0 a.m.•74 views

CVE-2002-1645

The CVE-2002-1645 entry concerns SSH Secure Shell for Workstations client versions 3.1 to 3.2.0 with a buffer overflow in the URL catcher feature. The vulnerability allows remote attackers to execute arbitrary code by supplying a long URL. The root cause is a flaw in handling long URLs in the URL...

10CVSS8.2AI score0.14469EPSS

CVE•added 2005/06/21 4:0 a.m.•60 views

CVE-2002-1715

Technical details about CVE-2002-1715 are not publicly available in the provided connected documents. The initial description notes local privilege escalation via a world-writable directory, but no vendor/version/patch specifics are present here; monitor for updates.

7.2CVSS6.7AI score0.00104EPSS

CVE•added 2000/02/04 5:0 a.m.•49 views

CVE-1999-0398

CVE-1999-0398 concerns SSH on Linux, where in some instances of SSH 1.2.27 and 2.0.11, logins from users with expired accounts are allowed. The linked PT Security entry confirms affected versions and recommends upgrading to a fixed version, though no specific patched version is stated. No exploit...

4.6CVSS7AI score0.00082EPSS

CVE•added 2005/03/28 5:0 a.m.•47 views

CVE-2002-1644

The CVE-2002-1644 entry describes a local privilege-escalation flaw in SSH Secure Shell for Servers and SSH Secure Shell for Workstations, version 2.0.13 through 3.2.1, when run without a PTY. The root cause is that the process does not call setsid to detach the child from the parent’s process gr...

7.2CVSS6.7AI score0.00094EPSS

CVE•added 2001/09/12 4:0 a.m.•45 views

CVE-1999-1029

SSHD2 before 2.0.12 does not log login attempts if the connection is closed early, enabling a remote attacker to guess passwords without audit entries; affected software: SSHD2 prior to 2.0.12.

7.5CVSS7.1AI score0.00717EPSS

CVE•added 2002/03/09 5:0 a.m.•44 views

CVE-2001-0364

Technical details for CVE-2001-0364 are not publicly available in the provided documents; monitor for updates.

5CVSS7AI score0.00739EPSS

CVE•added 2002/03/09 5:0 a.m.•39 views

CVE-1999-1159

SSH 2.0.11 and earlier permits local users to request remote forwarding to privileged ports without root privileges. Root-cause: weakness in SSH 2.0.x remote forwarding handling enabling non-privileged users to bind privileged ports. Impact: potential unauthorized access paths via port forwarding...

4.6CVSS7.2AI score0.00064EPSS

CVE•added 2001/09/12 4:0 a.m.•36 views

CVE-1999-1231

CVE-1999-1231 affects SSH 2.0.12 (and possibly later versions). The vulnerability arises because an attacker can try multiple password attempts using valid usernames, yet the system only prompts “invalid user” once, enabling remote disclosure of valid account names on the server. The description ...

5CVSS7.2AI score0.00763EPSS