Vulnerability Details CVE-2001-0144
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.345
EPSS Ranking 96.7%
CVSS Severity
CVSS v2 Score 10.0
References
- http://marc.info/?l=bugtraq&m=98168366406903&w=2
- http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
- http://www.cert.org/advisories/CA-2001-35.html
- http://www.osvdb.org/503
- http://www.osvdb.org/795
- http://www.securityfocus.com/bid/2347
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
- http://marc.info/?l=bugtraq&m=98168366406903&w=2
- http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
- http://www.cert.org/advisories/CA-2001-35.html
- http://www.osvdb.org/503
- http://www.osvdb.org/795
- http://www.securityfocus.com/bid/2347
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
Products affected by CVE-2001-0144
-
cpe:2.3:a:openbsd:openssh:1.2.2
-
cpe:2.3:a:openbsd:openssh:1.2.3
-
cpe:2.3:a:openbsd:openssh:2.1
-
cpe:2.3:a:openbsd:openssh:2.1.1
-
cpe:2.3:a:openbsd:openssh:2.2
-
cpe:2.3:a:ssh:ssh:1.2.24
-
cpe:2.3:a:ssh:ssh:1.2.25
-
cpe:2.3:a:ssh:ssh:1.2.26
-
cpe:2.3:a:ssh:ssh:1.2.27
-
cpe:2.3:a:ssh:ssh:1.2.28
-
cpe:2.3:a:ssh:ssh:1.2.29
-
cpe:2.3:a:ssh:ssh:1.2.30
-
cpe:2.3:a:ssh:ssh:1.2.31