Openbsd: >> Openssh >> 2.9p1 Security Vulnerabilities
Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).
CVSS Score
10.0
EPSS Score
0.287
Published
2002-07-03
Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.
CVSS Score
7.5
EPSS Score
0.034
Published
2002-06-18
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
CVSS Score
9.8
EPSS Score
0.033
Published
2002-03-15
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
CVSS Score
7.2
EPSS Score
0.002
Published
2001-12-21
Page 6