Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2002-0575

Published: 18/06/2002 Updated: 18/10/2016
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 755
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to Openssh

Vulnerability Summary

Buffer overflow in OpenSSH prior to 2.9.9, and 3.x prior to 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.

Vulnerable Product Search on Vulmon Subscribe to Product

openbsd openssh 2.1

openbsd openssh 2.1.1

openbsd openssh 2.9p1

openbsd openssh 2.9p2

openbsd openssh 2.2

openbsd openssh 2.3

openbsd openssh 3.0

openbsd openssh 3.0.1

openbsd openssh 2.5.2

openbsd openssh 2.9

openbsd openssh 2.9.9

openbsd openssh 3.2

openbsd openssh 2.5

openbsd openssh 2.5.1

openbsd openssh 3.0.2

openbsd openssh 3.1

Exploits

Exploit DB: OpenSSH 2.x/3.x - Kerberos 4 TGT/AFS Token Buffer Overflow
source: wwwsecurityfocuscom/bid/4560/info A buffer overflow condition exists in the OpenSSH server The condition is exploitable by attackers with valid user credentials in versions 299 and higher Exploitation does not require valid user credentials in versions prior to 299 The vulnerability is related to the handling of Kerberos 4 ...

References

NVD-CWE-Otherhttp://archives.neohapsis.com/archives/bugtraq/2002-04/0394.htmlhttp://www.securityfocus.com/bid/4560http://www.iss.net/security_center/static/8896.phphttp://online.securityfocus.com/archive/1/269701http://online.securityfocus.com/archive/1/268718http://archives.neohapsis.com/archives/bugtraq/2002-04/0298.htmlftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-022.2.txthttp://www.osvdb.org/781http://marc.info/?l=vuln-dev&m=101924296115863&w=2http://marc.info/?l=bugtraq&m=102167972421837&w=2https://nvd.nist.govhttps://www.exploit-db.com/exploits/21402/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700CVE-2022-48689CVE-2024-27956CVE-2023-6363SQLNULL pointer dereferenceCVE-2023-41830CVE-2015-2051arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook