National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:openbsd:openssh:2.1.1
There are 56 matching records.
Displaying matches 41 through 56.
Vuln ID Summary CVSS Severity
CVE-2003-1562

sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190.

Published: December 31, 2003; 12:00:00 AM -05:00
    V2: 7.6 HIGH
CVE-2003-0682

"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.

Published: October 06, 2003; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2003-0695

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693.

Published: October 06, 2003; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2003-0693

A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.

Published: September 22, 2003; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2002-0639

Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2002-0640

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Published: July 03, 2002; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2002-0575

Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.

Published: June 18, 2002; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0083

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

Published: March 15, 2002; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2001-0872

OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.

Published: December 21, 2001; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2001-0816

OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.

Published: December 06, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-1380

OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1382

The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used.

Published: September 27, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0529

OpenSSH version 2.9 and earlier, with X forwarding enabled, allows a local attacker to delete any file named 'cookies' via a symlink attack.

Published: August 14, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-0361

Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5.

Published: June 27, 2001; 12:00:00 AM -04:00
    V2: 4.0 MEDIUM
CVE-2001-1459

OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.

Published: June 19, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0144

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Published: March 12, 2001; 12:00:00 AM -05:00
    V2: 10.0 HIGH