var-200203-0011
Vulnerability from variot
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. OpenSSH is a program used to provide secure connection and communications between client and servers. Channels are used to segregate differing traffic between the client and the server. OpenSSH is a suite implementing the SSH protocol. It includes client and server software, and supports ssh and sftp. It was initially developed for BSD, but is also widely used for Linux, Solaris, and other UNIX-like operating systems. A vulnerability has been announced in some versions of OpenSSH. A malicious client may exploit this vulnerability by connecting to a vulnerable server. Valid credentials are believed to be required, since the exploitable condition reportedly occurs after successful authentication. An examination of the code suggests this, but it has not been confirmed by the maintainer. Administrators should assume that this can be exploited without authentication and should patch vulnerable versions immediately. It encrypts and transmits all network communications, thereby avoiding attacks at many network layers, and is a very useful network connection tool. A user with a legal login account can use this vulnerability to obtain the root authority of the host. To implement X11, TCP and proxy forwarding, OpenSSH multiplexes multiple "channels" on a single TCP connection. The program may mistakenly use memory data outside the normal range, and an attacker with a legitimate login account logs in After entering the system, this vulnerability can be exploited to allow sshd to execute arbitrary commands with root privileges
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200203-0011",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "linux",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "immunix",
"scope": "eq",
"trust": 1.0,
"vendor": "immunix",
"version": "7.0"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "graficas"
},
{
"model": "openssh",
"scope": "lt",
"trust": 1.0,
"vendor": "openbsd",
"version": "3.1"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.0"
},
{
"model": "mandrake linux corporate server",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "1.0.1"
},
{
"model": "mandrake single network firewall",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "6.4"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "trustix",
"version": "1.5"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "7.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "ecommerce"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "trustix",
"version": "1.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.2"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "redhat",
"version": "7.2"
},
{
"model": "openpkg",
"scope": "eq",
"trust": 1.0,
"vendor": "openpkg",
"version": "1.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "5.0"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "trustix",
"version": "1.1"
},
{
"model": "openssh",
"scope": "gte",
"trust": 1.0,
"vendor": "openbsd",
"version": "2.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "6.0"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "conectiva",
"version": "5.1"
},
{
"model": "secure linux",
"scope": "eq",
"trust": 1.0,
"vendor": "engardelinux",
"version": "1.0.1"
},
{
"model": "linux",
"scope": "eq",
"trust": 1.0,
"vendor": "suse",
"version": "7.3"
},
{
"model": "mandrake linux",
"scope": "eq",
"trust": 1.0,
"vendor": "mandrakesoft",
"version": "8.1"
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "bsdi",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "caldera",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "conectiva",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "engarde",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "hewlett packard",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "mandrakesoft",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "netbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openpkg",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openssh",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "openwall gnu linux",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sco",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "suse",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun",
"version": null
},
{
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "trustix",
"version": null
},
{
"model": "hp-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.0"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.2"
},
{
"model": "red hat linux",
"scope": "eq",
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": "7.1"
},
{
"model": "openssh",
"scope": null,
"trust": 0.8,
"vendor": "openbsd",
"version": null
},
{
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "3.0.1"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9.9"
},
{
"model": "p2",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9"
},
{
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.9"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.5.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.5.1"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.5"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.3"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.2"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.1.1"
},
{
"model": "openssh",
"scope": "eq",
"trust": 0.3,
"vendor": "openssh",
"version": "2.1"
},
{
"model": "openbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "openbsd",
"version": "2.8"
},
{
"model": "openssh",
"scope": "ne",
"trust": 0.3,
"vendor": "openssh",
"version": "3.1"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Joost Pol\u203b joost@pine.nl",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
}
],
"trust": 0.6
},
"cve": "CVE-2002-0083",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0083",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"exploitabilityScore": 10.0,
"id": "VHN-4478",
"impactScore": 10.0,
"integrityImpact": "COMPLETE",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "nvd@nist.gov",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"id": "CVE-2002-0083",
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2002-0083",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0083",
"trust": 1.0,
"value": "CRITICAL"
},
{
"author": "CARNEGIE MELLON",
"id": "VU#408419",
"trust": 0.8,
"value": "25.65"
},
{
"author": "NVD",
"id": "CVE-2002-0083",
"trust": 0.8,
"value": "Critical"
},
{
"author": "CNNVD",
"id": "CNNVD-200203-034",
"trust": 0.6,
"value": "CRITICAL"
},
{
"author": "VULHUB",
"id": "VHN-4478",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. OpenSSH is a program used to provide secure connection and communications between client and servers. Channels are used to segregate differing traffic between the client and the server. OpenSSH is a suite implementing the SSH protocol. It includes client and server software, and supports ssh and sftp. It was initially developed for BSD, but is also widely used for Linux, Solaris, and other UNIX-like operating systems. \nA vulnerability has been announced in some versions of OpenSSH. A malicious client may exploit this vulnerability by connecting to a vulnerable server. Valid credentials are believed to be required, since the exploitable condition reportedly occurs after successful authentication. An examination of the code suggests this, but it has not been confirmed by the maintainer. \nAdministrators should assume that this can be exploited without authentication and should patch vulnerable versions immediately. It encrypts and transmits all network communications, thereby avoiding attacks at many network layers, and is a very useful network connection tool. A user with a legal login account can use this vulnerability to obtain the root authority of the host. To implement X11, TCP and proxy forwarding, OpenSSH multiplexes multiple \"channels\" on a single TCP connection. The program may mistakenly use memory data outside the normal range, and an attacker with a legitimate login account logs in After entering the system, this vulnerability can be exploited to allow sshd to execute arbitrary commands with root privileges",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0083"
},
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "VULHUB",
"id": "VHN-4478"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-4478",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4478"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2002-0083",
"trust": 3.6
},
{
"db": "BID",
"id": "4241",
"trust": 3.0
},
{
"db": "CERT/CC",
"id": "VU#408419",
"trust": 1.6
},
{
"db": "OSVDB",
"id": "730",
"trust": 1.1
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034",
"trust": 0.7
},
{
"db": "EXPLOIT-DB",
"id": "21314",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-75148",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-4478",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"id": "VAR-200203-0011",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4478"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-22T22:48:52.511000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "043",
"trust": 0.8,
"url": "http://www.openbsd.org/"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-193",
"trust": 1.0
},
{
"problemtype": "Determination of boundary conditions (CWE-193) [NVD evaluation ]",
"trust": 0.8
},
{
"problemtype": "CWE-189",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.9,
"url": "http://www.openbsd.org/advisories/ssh_channelalloc.txt"
},
{
"trust": 2.9,
"url": "http://www.securityfocus.com/bid/4241"
},
{
"trust": 2.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101553908201861\u0026w=2"
},
{
"trust": 2.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101552065005254\u0026w=2"
},
{
"trust": 2.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101561384821761\u0026w=2"
},
{
"trust": 2.1,
"url": "http://marc.info/?l=bugtraq\u0026m=101586991827622\u0026w=2"
},
{
"trust": 2.1,
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html"
},
{
"trust": 2.1,
"url": "http://online.securityfocus.com/archive/1/264657"
},
{
"trust": 2.1,
"url": "http://www.calderasystems.com/support/security/advisories/cssa-2002-012.0.txt"
},
{
"trust": 2.1,
"url": "ftp://stage.caldera.com/pub/security/openserver/cssa-2002-sco.10/cssa-2002-sco.10.txt"
},
{
"trust": 2.1,
"url": "ftp://stage.caldera.com/pub/security/openunix/cssa-2002-sco.11/cssa-2002-sco.11.txt"
},
{
"trust": 2.1,
"url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000467"
},
{
"trust": 2.1,
"url": "http://www.debian.org/security/2002/dsa-119"
},
{
"trust": 2.1,
"url": "http://www.linuxsecurity.com/advisories/other_advisory-1937.html"
},
{
"trust": 2.1,
"url": "ftp://ftp.freebsd.org/pub/freebsd/cert/advisories/freebsd-sa-02:13.openssh.asc"
},
{
"trust": 2.1,
"url": "http://online.securityfocus.com/advisories/3960"
},
{
"trust": 2.1,
"url": "http://www.linux-mandrake.com/en/security/2002/mdksa-2002-019.php"
},
{
"trust": 2.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2002-004.txt.asc"
},
{
"trust": 2.1,
"url": "http://www.osvdb.org/730"
},
{
"trust": 2.1,
"url": "http://www.redhat.com/support/errata/rhsa-2002-043.html"
},
{
"trust": 2.1,
"url": "http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html"
},
{
"trust": 2.1,
"url": "http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html"
},
{
"trust": 2.1,
"url": "http://www.iss.net/security_center/static/8383.php"
},
{
"trust": 0.8,
"url": "http://www.pine.nl/advisories/pine-cert-20020301.txt"
},
{
"trust": 0.8,
"url": "http://online.securityfocus.com/bid/4241"
},
{
"trust": 0.8,
"url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2002-0083"
},
{
"trust": 0.8,
"url": "http://www.kb.cert.org/vuls/id/408419"
},
{
"trust": 0.3,
"url": "http://support.coresecurity.com/impact/exploits/44711fd6971e717073942524961d8e3e.html"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CERT/CC",
"id": "VU#408419"
},
{
"db": "VULHUB",
"id": "VHN-4478"
},
{
"db": "BID",
"id": "4241"
},
{
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-03-07T00:00:00",
"db": "CERT/CC",
"id": "VU#408419"
},
{
"date": "2002-03-15T00:00:00",
"db": "VULHUB",
"id": "VHN-4478"
},
{
"date": "2002-03-07T00:00:00",
"db": "BID",
"id": "4241"
},
{
"date": "2007-04-01T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"date": "2002-03-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"date": "2002-03-15T05:00:00",
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-04-02T00:00:00",
"db": "CERT/CC",
"id": "VU#408419"
},
{
"date": "2016-10-18T00:00:00",
"db": "VULHUB",
"id": "VHN-4478"
},
{
"date": "2007-11-05T15:25:00",
"db": "BID",
"id": "4241"
},
{
"date": "2024-02-26T07:51:00",
"db": "JVNDB",
"id": "JVNDB-2002-000054"
},
{
"date": "2006-09-15T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200203-034"
},
{
"date": "2024-11-20T23:38:16.160000",
"db": "NVD",
"id": "CVE-2002-0083"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "OpenSSH contains a one-off overflow of an array in the channel handling code",
"sources": [
{
"db": "CERT/CC",
"id": "VU#408419"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "digital error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200203-034"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.