CVE-2000-0143 — Openssh vulnerability

3 documents3 sources

Severity

4.6MEDIUMNVD

EPSS

0.1%

top 77.74%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh SSH

Timeline

PublishedFeb 11

Latest updateApr 30

Description

The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages2 packages

▶NVDopenbsd/openssh1.2.1+1

▶NVDssh/ssh28 versions+27

🔴Vulnerability Details

GHSA

GHSA-mcq5-ghfg-w6qg: The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system pass↗2022-04-30

▶

CVEList

CVE-2000-0143: The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system pass↗2000-02-16

▶