Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0693

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2003-0693
Last Modified 07 Mar 2011 09:12:55
Published 22 Sep 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0693

Summary

A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.

Vulnerable Systems

Application

  • Openbsd Openssh 3.7


References

CERT-VN - VU#333628

CERT - CA-2003-24

BUGTRAQ - 20030916 OpenSSH Buffer Management Bug Advisory

XF - openssh-packet-bo(13191)

REDHAT - RHSA-2003:280

CONFIRM - http://www.openssh.com/txt/buffer.adv

DEBIAN - DSA-383

DEBIAN - DSA-382

SUNALERT - 1000620

BUGTRAQ - 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh)

TRUSTIX - 2003-0033

BUGTRAQ - 20030916 [slackware-security] OpenSSH Security Advisory (SSA:2003-259-01)

REDHAT - RHSA-2003:279

FULLDISC - 20030916 The lowdown on SSH vulnerability

FULLDISC - 20030915 openssh remote exploit

FULLDISC - 20030915 new ssh exploit?

MANDRAKE - MDKSA-2003:090


Last Updated: 27 May 2016 10:38:00