CVE-2003-0786

The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html
http://www.openssh.com/txt/sshpam.adv
http://www.kb.cert.org/vuls/id/602204	US Government Resource
http://www.securityfocus.com/archive/1/338617
http://www.securityfocus.com/archive/1/338616
http://www.securityfocus.com/bid/8677

Advertisement

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:openbsd:openssh:3.7.1p1:::::::*
	cpe:2.3:a:openbsd:openssh:3.7.1:::::::*

Information

Published : 2003-11-16 21:00

Updated : 2008-09-10 12:20

NVD link : CVE-2003-0786

Mitre link : CVE-2003-0786

JSON object : View

CWE

NVD-CWE-Other

Advertisement

Products Affected

openbsd

openssh

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html", "name": "20030924 [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh)", "tags": [], "refsource": "FULLDISC"}, {"url": "http://www.openssh.com/txt/sshpam.adv", "name": "http://www.openssh.com/txt/sshpam.adv", "tags": [], "refsource": "CONFIRM"}, {"url": "http://www.kb.cert.org/vuls/id/602204", "name": "VU#602204", "tags": ["US Government Resource"], "refsource": "CERT-VN"}, {"url": "http://www.securityfocus.com/archive/1/338617", "name": "20030923 Multiple PAM vulnerabilities in portable OpenSSH", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/archive/1/338616", "name": "20030923 Portable OpenSSH 3.7.1p2 released", "tags": [], "refsource": "BUGTRAQ"}, {"url": "http://www.securityfocus.com/bid/8677", "name": "8677", "tags": [], "refsource": "BID"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2003-0786", "ASSIGNER": "cve@mitre.org"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "severity": "HIGH", "impactScore": 10.0, "obtainAllPrivilege": true, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2003-11-17T05:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2008-09-10T19:20Z"}