Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2002-0640Improper Restriction of Operations within the Bounds of a Memory Buffer in Openssh

10 documents8 sources
Severity
10.0CRITICALNVD
EPSS
67.0%
top 1.44%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Openbsd Openssh
Timeline
PublishedJul 3
Latest updateMay 3

Description

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

Debianopenbsd/openssh< 1:3.4+3
NVDopenbsd/openssh26 versions+25

🔴Vulnerability Details

3
GHSA
GHSA-q9hw-p2pq-q4p7: Buffer overflow in sshd in OpenSSH 22022-05-03
CVEList
CVE-2002-0640: Buffer overflow in sshd in OpenSSH 22003-04-02
OSV
CVE-2002-0640: Buffer overflow in sshd in OpenSSH 22002-07-03

💥Exploits & PoCs

2
Exploit-DB
OpenSSH 3.x - Challenge-Response Buffer Overflow (1)2002-06-24
Exploit-DB
OpenSSH 3.x - Challenge-Response Buffer Overflow (2)2002-06-24

📋Vendor Advisories

3
Red Hat
security flaw2002-06-26
Debian
CVE-2002-0640: openssh - Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers ...2002
Red Hat
CVE-2002-0639: Integer overflow in sshd in OpenSSH 2

💬Community

1
Bugzilla
CVE-2002-0640 security flaw2018-08-16
CVE-2002-0640 — Openbsd Openssh vulnerability | cvebase