
CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

31 Aug 2004 — The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS. • http://marc.info/?l=bugtraq&m=109413637313484&w=2

CVSS: 7.5 • EPSS: 0% • CPEs: 15 • EXPL: 0

03 Jun 2004 — Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992. • ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 9.8 • EPSS: 1% • CPEs: 45 • EXPL: 0

31 Dec 2003 — sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190. • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=248747 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

CVSS: 10.0 • EPSS: 1% • CPEs: 2 • EXPL: 0

25 Sep 2003 — The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html

CVSS: 9.8 • EPSS: 0% • CPEs: 2 • EXPL: 0

25 Sep 2003 — The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html

CVSS: 9.8 • EPSS: 0% • CPEs: 1 • EXPL: 0

18 Sep 2003 — "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000741

CVSS: 9.8 • EPSS: 1% • CPEs: 1 • EXPL: 0

18 Sep 2003 — Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000741

CVSS: 10.0 • EPSS: 15% • CPEs: 1 • EXPL: 0

17 Sep 2003 — A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. • http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010103.html

CVSS: 7.5 • EPSS: 9% • CPEs: 1 • EXPL: 2

10 Jun 2003 — OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. • ftp://patches.sgi.com/support/free/security/advisories/20060703-01-U.asc

CVSS: 5.3 • EPSS: 12% • CPEs: 8 • EXPL: 5

02 May 2003 — OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack. • https://packetstorm.news/files/id/181223 • CWE-203: Observable Discrepancy