Openbsd OpenSSH vulnerabilities

CVE-2000-0999 [CRITICAL] CVE-2000-0999: Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.

CVE-2000-0525 [CRITICAL] CVE-2000-0525: OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local us OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.

CVE-2000-0217 [MEDIUM] CVE-2000-0217: The default configuration of SSH allows X forwarding, which could allow a remote attacker to control The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.

CVE-2000-0143 [MEDIUM] CVE-2000-0143: The SSH protocol server sshd allows local users without shell access to redirect a TCP connection th The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.

CVE-1999-1010 [LOW] CVE-1999-1010: An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the serv An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.