Published: 19/12/2000 Updated: 03/05/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ssh ssh 1.2.14
ssh ssh 1.2.18
ssh ssh 1.2.19
ssh ssh 1.2.26
ssh ssh 1.2.27
openbsd openssh 1.2
openbsd openssh 1.2.3
ssh ssh 1.2.20
ssh ssh 1.2.21
ssh ssh 1.2.28
ssh ssh 1.2.29
ssh ssh 1.2.15
ssh ssh 1.2.22
ssh ssh 1.2.23
ssh ssh 1.2.30
ssh ssh 1.2.31
ssh ssh 1.2.16
ssh ssh 1.2.17
ssh ssh 1.2.24
ssh ssh 1.2.25

source: wwwsecurityfocuscom/bid/1742/info A vulnerability exists in the 12x releases of scp which, if properly exploited using a modified scp binary on the server end, can permit the remote server to spoof local pathnames and overwrite files belonging to the local user For example, following the command scp user@remotehost:/somefile ...

NVD-CWE-Other http://www.securityfocus.com/bid/1742 http://archives.neohapsis.com/archives/bugtraq/2000-09/0359.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:057 https://exchange.xforce.ibmcloud.com/vulnerabilities/5312 https://nvd.nist.gov https://www.exploit-db.com/exploits/20253/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2000-0992

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect