CVE-2000-0992
OpenSSH 1.2 - '.scp' File Create/Overwrite
Severity Score: 7.5 (CVSS v3)
Public Exploits: 3 (Multiple Sources)
Exploited in Wild: - (KEV)
Decision: - (SSVC)
Descriptions
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
Many scp clients fail to verify whether the objects returned by the scp server match those they asked for. This issue dates back to 1983 and rcp, on which scp is based. A separate flaw in the client allows the target directory attributes to be changed arbitrarily. Finally, two vulnerabilities in clients may allow the server to spoof the client output.
*Credits:
N/A
Timeline
- 2000-09-30 First Exploit
- 2000-11-24 CVE Reserved
- 2000-12-19 CVE Published
- 2024-08-08 CVE Updated
- 2025-03-30 EPSS Updated
References (5)
URL | Tag | Date
---|---|---
https://exchange.xforce.ibmcloud.com/vulnerabilities/5312 | Vdb Entry | -
https://www.exploit-db.com/exploits/20253 | - | 2000-09-30
http://archives.neohapsis.com/archives/bugtraq/2000-09/0359.html | - | 2024-08-08
http://www.securityfocus.com/bid/1742 | - | 2024-08-08
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:057 | - | 2018-05-03
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status
---|---|---|---|---
Openbsd | Openssh | 1.2 | - | Affected
Openbsd | Openssh | 1.2.3 | - | Affected
Ssh | Ssh | 1.2.14 | - | Affected
Ssh | Ssh | 1.2.15 | - | Affected
Ssh | Ssh | 1.2.16 | - | Affected
Ssh | Ssh | 1.2.17 | - | Affected
Ssh | Ssh | 1.2.18 | - | Affected
Ssh | Ssh | 1.2.19 | - | Affected
Ssh | Ssh | 1.2.20 | - | Affected
Ssh | Ssh | 1.2.21 | - | Affected
Ssh | Ssh | 1.2.22 | - | Affected
Ssh | Ssh | 1.2.23 | - | Affected
Ssh | Ssh | 1.2.24 | - | Affected
Ssh | Ssh | 1.2.25 | - | Affected
Ssh | Ssh | 1.2.26 | - | Affected
Ssh | Ssh | 1.2.27 | - | Affected
Ssh | Ssh | 1.2.28 | - | Affected
Ssh | Ssh | 1.2.29 | - | Affected
Ssh | Ssh | 1.2.30 | - | Affected
Ssh | Ssh | 1.2.31 | - | Affected