CVE-2003-0787
Published 2003-11-17
Priority P426 · high · 7.5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS: 1.66% (73.7th percentile)
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | < openssh 1:3.7.1p2 (bookworm) | openssh 1:3.7.1p2 (bookworm) |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | >= 0 < 1:3.7.1p2 | 1:3.7.1p2 |
| openbsd | openssh | >= 0 < 1:3.7.1p2 | 1:3.7.1p2 |
| openbsd | openssh | >= 0 < 1:3.7.1p2 | 1:3.7.1p2 |
| openbsd | openssh | >= 0 < 1:3.7.1p2 | 1:3.7.1p2 |
CVSS provenance
nvd · v2.0 · 7.5 · HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P
osv · 7.5 · HIGH
vendor_debian · 7.5 · HIGH
vendor_redhat · 7.5 · HIGH
Debian
CVE-2003-0787: openssh - The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array o...
vendor_debian·2003·CVSS 7.5
Scope: local
bookworm: resolved (fixed in 1:3.7.1p2)
bullseye: resolved (fixed in 1:3.7.1p2)
forky: resolved (fixed in 1:3.7.1p2)
sid: resolved (fixed in 1:3.7.1p2)
trixie: resolved (fixed in 1:3.7.1p2)
Red Hat
CVE-2003-0787: The PAM conversation function in OpenSSH 3
vendor_redhat·CVSS 7.5
Statement: Not vulnerable. This issue did not affect the version of openssh as shipped with Red Hat Enterprise Linux 3 as it did not include the upstream PAM password authentication module reimplementation, introduced in OpenSSH 3.7. This issue did not affect the versions of openssh as shipped with Red Hat Enterprise Linux 4, 5, and 6.
GHSA
GHSA-jmj3-c2mm-6fgh: The PAM conversation function in OpenSSH 3
ghsa_unreviewed·2022-04-29
OSV
CVE-2003-0787: The PAM conversation function in OpenSSH 3
osv·2003-11-17·CVSS 7.5
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html
http://www.kb.cert.org/vuls/id/209807
http://www.openssh.com/txt/sshpam.adv
http://www.securityfocus.com/archive/1/338616
http://www.securityfocus.com/archive/1/338617
http://www.securityfocus.com/bid/8677