// For flags

CVE-2002-0083

OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

Error 'off-by-one' en el código de canal de OpenSSH 2.0 a 3.0.2 permite a usuarios locales o a servidores remotos ganar privilegios.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2002-03-06 CVE Reserved
  • 2002-03-07 First Exploit
  • 2002-03-15 CVE Published
  • 2024-08-08 CVE Updated
  • 2024-08-12 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-193: Off-by-one Error
CAPEC
References (24)
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Immunix
Search vendor "Immunix"
Immunix
Search vendor "Immunix" for product "Immunix"
7.0
Search vendor "Immunix" for product "Immunix" and version "7.0"
-
Affected
Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Single Network Firewall
Search vendor "Mandrakesoft" for product "Mandrake Single Network Firewall"
7.2
Search vendor "Mandrakesoft" for product "Mandrake Single Network Firewall" and version "7.2"
-
Affected
Openbsd
Search vendor "Openbsd"
Openssh
Search vendor "Openbsd" for product "Openssh"
>= 2.0 < 3.1
Search vendor "Openbsd" for product "Openssh" and version " >= 2.0 < 3.1"
-
Affected
Openpkg
Search vendor "Openpkg"
Openpkg
Search vendor "Openpkg" for product "Openpkg"
1.0
Search vendor "Openpkg" for product "Openpkg" and version "1.0"
-
Affected
Conectiva
Search vendor "Conectiva"
Linux
Search vendor "Conectiva" for product "Linux"
5.0
Search vendor "Conectiva" for product "Linux" and version "5.0"
-
Affected
Conectiva
Search vendor "Conectiva"
Linux
Search vendor "Conectiva" for product "Linux"
5.1
Search vendor "Conectiva" for product "Linux" and version "5.1"
-
Affected
Conectiva
Search vendor "Conectiva"
Linux
Search vendor "Conectiva" for product "Linux"
6.0
Search vendor "Conectiva" for product "Linux" and version "6.0"
-
Affected
Conectiva
Search vendor "Conectiva"
Linux
Search vendor "Conectiva" for product "Linux"
7.0
Search vendor "Conectiva" for product "Linux" and version "7.0"
-
Affected
Conectiva
Search vendor "Conectiva"
Linux
Search vendor "Conectiva" for product "Linux"
ecommerce
Search vendor "Conectiva" for product "Linux" and version "ecommerce"
-
Affected
Conectiva
Search vendor "Conectiva"
Linux
Search vendor "Conectiva" for product "Linux"
graficas
Search vendor "Conectiva" for product "Linux" and version "graficas"
-
Affected
Engardelinux
Search vendor "Engardelinux"
Secure Linux
Search vendor "Engardelinux" for product "Secure Linux"
1.0.1
Search vendor "Engardelinux" for product "Secure Linux" and version "1.0.1"
-
Affected
Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
7.1
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "7.1"
-
Affected
Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
7.2
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "7.2"
-
Affected
Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
8.0
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "8.0"
-
Affected
Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
8.0
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "8.0"
ppc
Affected
Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux
Search vendor "Mandrakesoft" for product "Mandrake Linux"
8.1
Search vendor "Mandrakesoft" for product "Mandrake Linux" and version "8.1"
-
Affected
Mandrakesoft
Search vendor "Mandrakesoft"
Mandrake Linux Corporate Server
Search vendor "Mandrakesoft" for product "Mandrake Linux Corporate Server"
1.0.1
Search vendor "Mandrakesoft" for product "Mandrake Linux Corporate Server" and version "1.0.1"
-
Affected
Redhat
Search vendor "Redhat"
Linux
Search vendor "Redhat" for product "Linux"
7.0
Search vendor "Redhat" for product "Linux" and version "7.0"
-
Affected
Redhat
Search vendor "Redhat"
Linux
Search vendor "Redhat" for product "Linux"
7.1
Search vendor "Redhat" for product "Linux" and version "7.1"
-
Affected
Redhat
Search vendor "Redhat"
Linux
Search vendor "Redhat" for product "Linux"
7.2
Search vendor "Redhat" for product "Linux" and version "7.2"
-
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
6.4
Search vendor "Suse" for product "Suse Linux" and version "6.4"
i386
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
6.4
Search vendor "Suse" for product "Suse Linux" and version "6.4"
ppc
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
6.4
Search vendor "Suse" for product "Suse Linux" and version "6.4"
alpha
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.0
Search vendor "Suse" for product "Suse Linux" and version "7.0"
i386
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.0
Search vendor "Suse" for product "Suse Linux" and version "7.0"
ppc
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.0
Search vendor "Suse" for product "Suse Linux" and version "7.0"
sparc
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.0
Search vendor "Suse" for product "Suse Linux" and version "7.0"
alpha
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.1
Search vendor "Suse" for product "Suse Linux" and version "7.1"
spa
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.1
Search vendor "Suse" for product "Suse Linux" and version "7.1"
sparc
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.1
Search vendor "Suse" for product "Suse Linux" and version "7.1"
x86
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.1
Search vendor "Suse" for product "Suse Linux" and version "7.1"
alpha
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.2
Search vendor "Suse" for product "Suse Linux" and version "7.2"
i386
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.3
Search vendor "Suse" for product "Suse Linux" and version "7.3"
i386
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.3
Search vendor "Suse" for product "Suse Linux" and version "7.3"
ppc
Affected
Suse
Search vendor "Suse"
Suse Linux
Search vendor "Suse" for product "Suse Linux"
7.3
Search vendor "Suse" for product "Suse Linux" and version "7.3"
sparc
Affected
Trustix
Search vendor "Trustix"
Secure Linux
Search vendor "Trustix" for product "Secure Linux"
1.1
Search vendor "Trustix" for product "Secure Linux" and version "1.1"
-
Affected
Trustix
Search vendor "Trustix"
Secure Linux
Search vendor "Trustix" for product "Secure Linux"
1.2
Search vendor "Trustix" for product "Secure Linux" and version "1.2"
-
Affected
Trustix
Search vendor "Trustix"
Secure Linux
Search vendor "Trustix" for product "Secure Linux"
1.5
Search vendor "Trustix" for product "Secure Linux" and version "1.5"
-
Affected