CVE-2002-0765
published 2002-08-12CVE-2002-0765: sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's…
PriorityP424high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.28%
66.3th percentile
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | < openssh 1:3.3p1-0.0woody1 (bookworm) | openssh 1:3.3p1-0.0woody1 (bookworm) |
| openbsd | openbsd | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | >= 0 < 1:3.3p1-0.0woody1 | 1:3.3p1-0.0woody1 |
| openbsd | openssh | >= 0 < 1:3.3p1-0.0woody1 | 1:3.3p1-0.0woody1 |
| openbsd | openssh | >= 0 < 1:3.3p1-0.0woody1 | 1:3.3p1-0.0woody1 |
| openbsd | openssh | >= 0 < 1:3.3p1-0.0woody1 | 1:3.3p1-0.0woody1 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2002-0765: openssh - sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions...
vendor_debian·2002·CVSS 7.5
CVE-2002-0765 [HIGH] CVE-2002-0765: openssh - sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions...
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
Scope: local
bookworm: resolved (fixed in 1:3.3p1-0.0woody1)
bullseye: resolved (fixed in 1:3.3p1-0.0woody1)
forky: resolved (fixed in 1:3.3p1-0.0woody1)
sid: resolved (fixed in 1:3.3p1-0.0woody1)
trixie: resolved (fixed in 1:3.3p1-0.0woody1)
GHSA
GHSA-hw3r-x5qh-749j: sshd in OpenSSH 3
ghsa_unreviewed·2022-04-30
CVE-2002-0765 [HIGH] GHSA-hw3r-x5qh-749j: sshd in OpenSSH 3
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
OSV
CVE-2002-0765: sshd in OpenSSH 3
osv·2002-08-12·CVSS 7.5
CVE-2002-0765 [HIGH] CVE-2002-0765: sshd in OpenSSH 3
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-05/0235.htmlhttp://www.iss.net/security_center/static/9215.phphttp://www.openbsd.org/errata.html#sshbsdauthhttp://www.osvdb.org/5113http://www.securityfocus.com/bid/4803http://archives.neohapsis.com/archives/bugtraq/2002-05/0235.htmlhttp://www.iss.net/security_center/static/9215.phphttp://www.openbsd.org/errata.html#sshbsdauthhttp://www.osvdb.org/5113http://www.securityfocus.com/bid/4803
2002-08-12
Published