CVE-2002-0640 | Vulnerability Database | Aqua Security

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Affected Software

Name	Vendor	Start Version	End Version
Openssh	Openbsd	1.2.2 (including)	1.2.2 (including)
Openssh	Openbsd	1.2.3 (including)	1.2.3 (including)
Openssh	Openbsd	2.1 (including)	2.1 (including)
Openssh	Openbsd	2.1.1 (including)	2.1.1 (including)
Openssh	Openbsd	2.2 (including)	2.2 (including)
Openssh	Openbsd	2.3 (including)	2.3 (including)
Openssh	Openbsd	2.5 (including)	2.5 (including)
Openssh	Openbsd	2.5.1 (including)	2.5.1 (including)
Openssh	Openbsd	2.5.2 (including)	2.5.2 (including)
Openssh	Openbsd	2.9 (including)	2.9 (including)
Openssh	Openbsd	2.9.9 (including)	2.9.9 (including)
Openssh	Openbsd	2.9p1 (including)	2.9p1 (including)
Openssh	Openbsd	2.9p2 (including)	2.9p2 (including)
Openssh	Openbsd	3.0 (including)	3.0 (including)
Openssh	Openbsd	3.0.1 (including)	3.0.1 (including)
Openssh	Openbsd	3.0.1p1 (including)	3.0.1p1 (including)
Openssh	Openbsd	3.0.2 (including)	3.0.2 (including)
Openssh	Openbsd	3.0.2p1 (including)	3.0.2p1 (including)
Openssh	Openbsd	3.0p1 (including)	3.0p1 (including)
Openssh	Openbsd	3.1 (including)	3.1 (including)
Openssh	Openbsd	3.1p1 (including)	3.1p1 (including)
Openssh	Openbsd	3.2 (including)	3.2 (including)
Openssh	Openbsd	3.2.2p1 (including)	3.2.2p1 (including)
Openssh	Openbsd	3.2.3p1 (including)	3.2.3p1 (including)
Openssh	Openbsd	3.3 (including)	3.3 (including)
Openssh	Openbsd	3.3p1 (including)	3.3p1 (including)
Red Hat Enterprise Linux AS (Advanced Server) version 2.1	RedHat		*
Red Hat Linux 7.0	RedHat		*
Red Hat Linux 7.1	RedHat		*
Red Hat Linux 7.2	RedHat		*
Red Hat Linux 7.3	RedHat		*

References

ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txt
http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000502
http://marc.info/?l=bugtraq\u0026m=102514371522793\u0026w=2
http://marc.info/?l=bugtraq\u0026m=102514631524575\u0026w=2
http://marc.info/?l=bugtraq\u0026m=102521542826833\u0026w=2
http://marc.info/?l=bugtraq\u0026m=102532054613894\u0026w=2
http://www.cert.org/advisories/CA-2002-18.html
http://www.debian.org/security/2002/dsa-134
http://www.kb.cert.org/vuls/id/369347
http://www.linuxsecurity.com/advisories/other_advisory-2177.html
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:040
http://www.novell.com/linux/security/advisories/2002_024_openssh_txt.html
http://www.openwall.com/lists/oss-security/2024/07/01/3
http://www.osvdb.org/839
http://www.redhat.com/support/errata/RHSA-2002-127.html
http://www.redhat.com/support/errata/RHSA-2002-131.html
http://www.securityfocus.com/bid/5093
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0206-195
ftp://ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txt
http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000502
http://marc.info/?l=bugtraq\u0026m=102514371522793\u0026w=2
http://marc.info/?l=bugtraq\u0026m=102514631524575\u0026w=2
http://marc.info/?l=bugtraq\u0026m=102521542826833\u0026w=2
http://marc.info/?l=bugtraq\u0026m=102532054613894\u0026w=2
http://www.cert.org/advisories/CA-2002-18.html
http://www.debian.org/security/2002/dsa-134
http://www.kb.cert.org/vuls/id/369347
http://www.linuxsecurity.com/advisories/other_advisory-2177.html
http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:040
http://www.novell.com/linux/security/advisories/2002_024_openssh_txt.html
http://www.openwall.com/lists/oss-security/2024/07/01/3
http://www.osvdb.org/839
http://www.redhat.com/support/errata/RHSA-2002-127.html
http://www.redhat.com/support/errata/RHSA-2002-131.html
http://www.securityfocus.com/bid/5093
http://www1.itrc.hp.com/service/cki/docDisplay.do?docId=HPSBUX0206-195

NVD	https://nvd.nist.gov/vuln/detail/CVE-2002-0640
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html