CVE-2002-0640

OpenSSH 3.x - Challenge-Response Buffer Overflow

Severity Score

10.0

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

*Credits: N/A

CVSS Scores

NISTv2 10.0

Attack Vector

Network

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2002-06-24 First Exploit
2002-06-28 CVE Reserved
2002-07-03 CVE Published
2024-07-07 EPSS Updated
2024-08-08 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (22)

URL	Tag	Source
http://marc.info/?l=bugtraq&m=102514371522793&w=2	Mailing List
http://marc.info/?l=bugtraq&m=102514631524575&w=2	Mailing List
http://marc.info/?l=bugtraq&m=102521542826833&w=2	Mailing List
http://marc.info/?l=bugtraq&m=102532054613894&w=2	Mailing List
http://www.cert.org/advisories/CA-2002-18.html	Third Party Advisory
http://www.kb.cert.org/vuls/id/369347	Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/01/3	Mailing List
http://www.osvdb.org/839	Vdb Entry
http://www.securityfocus.com/bid/5093	Vdb Entry

URL	Date	SRC
https://www.exploit-db.com/exploits/21579	2002-06-24
https://www.exploit-db.com/exploits/21578	2002-06-24

URL	Date	SRC

URL	Date	SRC
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txt	2024-07-01
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000502	2024-07-01
http://www.debian.org/security/2002/dsa-134	2024-07-01
http://www.linuxsecurity.com/advisories/other_advisory-2177.html	2024-07-01
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:040	2024-07-01
http://www.novell.com/linux/security/advisories/2002_024_openssh_txt.html	2024-07-01
http://www.redhat.com/support/errata/RHSA-2002-127.html	2024-07-01
http://www.redhat.com/support/errata/RHSA-2002-131.html	2024-07-01
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0206-195	2024-07-01
https://access.redhat.com/security/cve/CVE-2002-0640	2002-07-12
https://bugzilla.redhat.com/show_bug.cgi?id=1616784	2002-07-12

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				1.2.2 Search vendor "Openbsd" for product "Openssh" and version "1.2.2"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				1.2.3 Search vendor "Openbsd" for product "Openssh" and version "1.2.3"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.1 Search vendor "Openbsd" for product "Openssh" and version "2.1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.1.1 Search vendor "Openbsd" for product "Openssh" and version "2.1.1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.2 Search vendor "Openbsd" for product "Openssh" and version "2.2"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.3 Search vendor "Openbsd" for product "Openssh" and version "2.3"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.5 Search vendor "Openbsd" for product "Openssh" and version "2.5"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.5.1 Search vendor "Openbsd" for product "Openssh" and version "2.5.1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.5.2 Search vendor "Openbsd" for product "Openssh" and version "2.5.2"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.9 Search vendor "Openbsd" for product "Openssh" and version "2.9"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.9.9 Search vendor "Openbsd" for product "Openssh" and version "2.9.9"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.9p1 Search vendor "Openbsd" for product "Openssh" and version "2.9p1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				2.9p2 Search vendor "Openbsd" for product "Openssh" and version "2.9p2"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.0 Search vendor "Openbsd" for product "Openssh" and version "3.0"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.0.1 Search vendor "Openbsd" for product "Openssh" and version "3.0.1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.0.1p1 Search vendor "Openbsd" for product "Openssh" and version "3.0.1p1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.0.2 Search vendor "Openbsd" for product "Openssh" and version "3.0.2"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.0.2p1 Search vendor "Openbsd" for product "Openssh" and version "3.0.2p1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.0p1 Search vendor "Openbsd" for product "Openssh" and version "3.0p1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.1 Search vendor "Openbsd" for product "Openssh" and version "3.1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.1p1 Search vendor "Openbsd" for product "Openssh" and version "3.1p1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.2 Search vendor "Openbsd" for product "Openssh" and version "3.2"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.2.2p1 Search vendor "Openbsd" for product "Openssh" and version "3.2.2p1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.2.3p1 Search vendor "Openbsd" for product "Openssh" and version "3.2.3p1"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.3 Search vendor "Openbsd" for product "Openssh" and version "3.3"		-		Affected
Openbsd Search vendor "Openbsd"		Openssh Search vendor "Openbsd" for product "Openssh"				3.3p1 Search vendor "Openbsd" for product "Openssh" and version "3.3p1"		-		Affected