|
| TC: | 12096 | |
| Description: | OpenSSH is a popular free version of the SSH protocol. Version of OpenSSH prior to 3.7.1 contain a buffer overflow in buffer_append_space() function of buffer.c. This vulnerability can be exploited to run arbitrary code. | |
| TC Impact: | Gather Info | |
| Service: | ssh |
| Vulnerability Publication: | September 17, 2003 | |
| Advisory Copyright: | OpenSSH | |
| Summary: | It is possible to create a denial of service and probably run arbitrary commands using the OpenSSH server running on your host. | |
| Risk: | High | |
| CVSS 2.0 metrics: | Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete | |
| CVSS 2.0 Base Score: | 10 |
| Vulnerability Impact: |
Gain Root |
|---|
| Host Impact: | Service can be stopped and arbitrary code is likely to be executed on your server. | |
| Nature of Remediation: | Update the software. |
| Step required to fix the reported vulnerability: | |
***** Solution type: Upgrade Software ***** To fix the vulnerability upgrade to at least OpenSSH version 3.7.1, which is available from the OpenSSH web site at: http://www.openssh.com. |
| References: | ||
| CERT Advisory: http://www.cert.org/advisories/CA-2003-24.html Vendor's confirm: http://www.openssh.com/txt/buffer.adv CERT Vulnerability Note: http://www.kb.cert.org/vuls/id/333628 BID: http://www.securityfocus.com/bid/8628 Product Home Page: http://www.openssh.com Cisco Advisory: http://www.cisco.com/warp/public/707/cisco-sa-20030917-openssh.shtml |
| CVE Link: |
CVE-2003-0693 CVE-2003-0695 |
 |
|---|
| Glossary: |
Buffer Overflow SSH |
|---|