Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0083

CWE-1937 documents7 sources

Severity

9.8CRITICAL

EPSS

1.5%

top 18.70%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Openbsd Openssh Conectiva Linux Engardelinux Secure Linux +8 more

Timeline

PublishedMar 15

Latest updateMay 3

Description

Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages11 packages

▶NVDopenbsd/openssh2.0 — 3.1

▶NVDredhat/linux7.0, 7.1, 7.2+2

▶NVDconectiva/linux6 versions+5

▶NVDimmunix/immunix7.0

▶NVDopenpkg/openpkg1.0

Patches

Patch: marc.info ↗Patch: www.linuxsecurity.com ↗Patch: marc.info ↗

🔴Vulnerability Details

GHSA

GHSA-w9fg-77jf-ghf9: Off-by-one error in the channel code of OpenSSH 2↗2022-05-03

▶

CVEList

CVE-2002-0083: Off-by-one error in the channel code of OpenSSH 2↗2002-06-25

▶

💥Exploits & PoCs

Exploit-DB

OpenSSH 2.x/3.0.1/3.0.2 - Channel Code Off-by-One↗2002-03-07

▶

📋Vendor Advisories

Red Hat

security flaw↗2002-03-07

▶

💬Community

Bugzilla

CVE-2002-0083 security flaw↗2018-08-16

▶