cbcvebase.
CVE-2004-1653
published 2004-08-31

CVE-2004-1653: The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with…

PriorityP271medium6.4CVSS 2.0
AVNACLAuNCPIPAN
ITWVulnCheck KEV
Exploited in the wild
EPSS
11.57%
95.5th percentile
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.

Affected

2 ranges
VendorProductVersion rangeFixed in
debianopenssh
openbsdopenssh<= 3.9

Detection & IOCsextracted from sources · hover to see the quote

  • Look for OpenSSH configurations where AllowTcpForwarding is enabled (default) combined with anonymous access programs such as AnonCVS, which enables port bounce attacks by remote authenticated users.
  • ·AllowTcpForwarding is enabled by default in OpenSSH. It can be disabled via the /etc/ssh/sshd_config configuration file, but disabling TCP forwarding alone does not improve security unless users are also denied shell access.
  • ·The relevant configuration file to audit and harden is /etc/ssh/sshd_config for the AllowTcpForwarding directive.

CVSS provenance

nvdv2.06.4MEDIUMAV:N/AC:L/Au:N/C:P/I:P/A:N
vulncheck6.4MEDIUM
vendor_debian6.4LOW
vendor_redhat6.4MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.