CVE-2000-0992

Published: 19/12/2000 Updated: 03/05/2018

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 505

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ssh ssh 1.2.21
ssh ssh 1.2.15
ssh ssh 1.2.14
ssh ssh 1.2.19
ssh ssh 1.2.31
ssh ssh 1.2.24
ssh ssh 1.2.18
openbsd openssh 1.2.3
ssh ssh 1.2.20
openbsd openssh 1.2
ssh ssh 1.2.25
ssh ssh 1.2.17
ssh ssh 1.2.30
ssh ssh 1.2.26
ssh ssh 1.2.27
ssh ssh 1.2.16
ssh ssh 1.2.28
ssh ssh 1.2.29
ssh ssh 1.2.22
ssh ssh 1.2.23

source: wwwsecurityfocuscom/bid/1742/info A vulnerability exists in the 12x releases of scp which, if properly exploited using a modified scp binary on the server end, can permit the remote server to spoof local pathnames and overwrite files belonging to the local user For example, following the command scp user@remotehost:/somefile ...

scp client multiple vulnerabilities =================================== The latest version of this advisory is available at: sintonenfi/advisories/scp-client-multiple-vulnerabilitiestxt Overview -------- SCP clients from multiple vendors are susceptible to a malicious scp server performing unauthorized changes to target directory and/o ...

NVD-CWE-Other http://www.securityfocus.com/bid/1742 http://archives.neohapsis.com/archives/bugtraq/2000-09/0359.html http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:057 https://exchange.xforce.ibmcloud.com/vulnerabilities/5312 https://nvd.nist.gov https://www.exploit-db.com/exploits/20253/

CVE-2000-0992

Vulnerability Summary

Vulnerability Trend

Exploits

Mailing Lists

References

Vulmon Search

About

Products

Connect