CVE-2003-0787 - The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an a

CVE-2003-0787

Summary

The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.

References

Vulnerable Configurations

cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*

CVSS

Base:	7.5 (as of 10-09-2008 - 19:20)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:P/A:P

refmap via4

bid	8677
bugtraq	20030923 Multiple PAM vulnerabilities in portable OpenSSH 20030923 Portable OpenSSH 3.7.1p2 released
cert-vn	VU#209807
confirm	http://www.openssh.com/txt/sshpam.adv
fulldisc	20030924 [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh)

Last major update

10-09-2008 - 19:20

Published

17-11-2003 - 05:00

Last modified

10-09-2008 - 19:20