CVE Vulnerabilities

CVE-2003-0786

Published: Nov 17, 2003 | Modified: Sep 10, 2008
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
10 HIGH
AV:N/AC:L/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.

Affected Software

Name Vendor Start Version End Version
Openssh Openbsd 3.7.1 (including) 3.7.1 (including)
Openssh Openbsd 3.7.1p1 (including) 3.7.1p1 (including)

References