Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1646

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1646
Last Modified 05 Sep 2008 04:31:09
Published 31 Dec 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1646

Summary

SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.

Vulnerable Systems

Application

  • Ssh Secure Shell For Servers 3.0

  • Ssh Secure Shell For Servers 3.0.1

  • Ssh Secure Shell For Servers 3.1

  • Ssh Secure Shell For Servers 3.1.1


References

CERT-VN - VU#341187

XF - ssh-allowedauthentications-bypass-auth(9163)

CONFIRM - http://www.ssh.com/products/ssh/advisories/authentication.cfm

BID - 4810

BUGTRAQ - 20020523 [Fwd: Updated version of SSH Secure Shell available]

CIAC - M-081

CONFIRM - http://www.ssh.com/company/newsroom/article/201/


Last Updated: 27 May 2016 10:37:26