Back to search
CVE-2002-0639
Published: Apr 2, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
DSA-134
vendor-advisory
x_refsource_DEBIAN
openssh-challenge-response-bo(9169)
vdb-entry
x_refsource_XF
20020626 [OpenPKG-SA-2002.005] OpenPKG Security Advisory (openssh)
mailing-list
x_refsource_BUGTRAQ
20020626 OpenSSH Security Advisory (adv.iss)
mailing-list
x_refsource_BUGTRAQ
6245
vdb-entry
x_refsource_OSVDB
CA-2002-18
third-party-advisory
x_refsource_CERT
20020627 How to reproduce OpenSSH Overflow.
mailing-list
x_refsource_BUGTRAQ
5093
vdb-entry
x_refsource_BID
ESA-20020702-016
vendor-advisory
x_refsource_ENGARDE
VU#369347
third-party-advisory
x_refsource_CERT-VN
CLA-2002:502
vendor-advisory
x_refsource_CONECTIVA
HPSBUX0206-195
vendor-advisory
x_refsource_HP
MDKSA-2002:040
vendor-advisory
x_refsource_MANDRAKE
20020626 Revised OpenSSH Security Advisory (adv.iss)
mailing-list
x_refsource_BUGTRAQ
20020626 OpenSSH Remote Challenge Vulnerability
third-party-advisory
x_refsource_ISS
https://twitter.com/RooneyMcNibNug/status/1152332585349111810
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now