CVE-2004-0175Path Traversal in Openssh

CWE-22Path Traversal7 documents7 sources
Severity
4.3MEDIUMNVD
CNA5.0OSV5.0
EPSS
0.4%
top 40.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Openbsd Openssh
Timeline
PublishedAug 18
Latest updateMay 3

Description

Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

Debianopenbsd/openssh< 1:3.9p1-1+3
NVDopenbsd/openssh15 versions+14

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

3
GHSA
GHSA-384q-pv6w-p8vv: Directory traversal vulnerability in scp for OpenSSH before 32022-05-03
OSV
CVE-2004-0175: Directory traversal vulnerability in scp for OpenSSH before 32004-08-18
CVEList
CVE-2004-0175: Directory traversal vulnerability in scp for OpenSSH before 32004-06-03

📋Vendor Advisories

2
Debian
CVE-2004-0175: openssh - Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote ...2004
Red Hat
security flaw2000-09-01

💬Community

1
Bugzilla
CVE-2004-0175 security flaw2018-08-16
CVE-2004-0175 — Path Traversal in Openbsd Openssh | cvebase