CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0CVE-2001-0361
https://notcve.org/view.php?id=CVE-2001-0361
27 Jun 2001 — Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. • ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:24.ssh.asc • CWE-310: Cryptographic Issues •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2001-1459
https://notcve.org/view.php?id=CVE-2001-1459
19 Jun 2001 — OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d. • http://marc.info/?l=bugtraq&m=99324968918628&w=2 •
CVSS: 10.0EPSS: 34%CPEs: 13EXPL: 3CVE-2001-0144 – SSH (x2) - Remote Command Execution
https://notcve.org/view.php?id=CVE-2001-0144
12 Mar 2001 — CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. • https://www.exploit-db.com/exploits/349 •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 0CVE-2000-1169
https://notcve.org/view.php?id=CVE-2000-1169
09 Jan 2001 — OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent. • http://archives.neohapsis.com/archives/bugtraq/2000-11/0195.html •
CVSS: 7.5EPSS: 2%CPEs: 20EXPL: 3CVE-2000-0992 – OpenSSH 1.2 - '.scp' File Create/Overwrite
https://notcve.org/view.php?id=CVE-2000-0992
19 Dec 2000 — Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. Many scp clients fail to verify if the objects returned by the scp server match those it asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. • https://www.exploit-db.com/exploits/20253 •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2000-0525
https://notcve.org/view.php?id=CVE-2000-0525
08 Jun 2000 — OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon. • http://archives.neohapsis.com/archives/bugtraq/2000-06/0065.html •
CVSS: 9.8EPSS: 0%CPEs: 46EXPL: 0CVE-2000-0217
https://notcve.org/view.php?id=CVE-2000-0217
24 Feb 2000 — The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. • http://www.securityfocus.com/bid/1006 •
CVSS: 9.8EPSS: 0%CPEs: 30EXPL: 0CVE-2000-0143
https://notcve.org/view.php?id=CVE-2000-0143
11 Feb 2000 — The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. • https://exchange.xforce.ibmcloud.com/vulnerabilities/CVE-2000-0143 •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-1999-1010
https://notcve.org/view.php?id=CVE-1999-1010
14 Dec 1999 — An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. • http://marc.info/?l=bugtraq&m=94519142415338&w=2 •