Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2000-0992 — Path Traversal in Openssh

8 documents8 sources

Severity

5.0MEDIUMNVD

EPSS

2.9%

top 13.76%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Openbsd Openssh SSH

Timeline

PublishedDec 19

Latest updateApr 30

Description

Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages3 packages

▶Debianopenbsd/openssh< 1:3.9p1-1+3

▶NVDssh/ssh18 versions+17

▶NVDopenbsd/openssh1.2, 1.2.3+1

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-vx4v-hfcq-7vw7: Directory traversal vulnerability in scp in sshd 1↗2022-04-30

▶

CVEList

CVE-2000-0992: Directory traversal vulnerability in scp in sshd 1↗2001-01-22

▶

OSV

CVE-2000-0992: Directory traversal vulnerability in scp in sshd 1↗2000-12-19

▶

💥Exploits & PoCs

Exploit-DB

OpenSSH 1.2 - '.scp' File Create/Overwrite↗2000-09-30

▶

📋Vendor Advisories

Red Hat

security flaw↗2000-09-01

▶

Debian

CVE-2000-0992: openssh - Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote maliciou...↗2000

▶

💬Community

Bugzilla

CVE-2004-0175 security flaw↗2018-08-16

▶