Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0695

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-0695
Last Modified 07 Mar 2011 09:12:55
Published 06 Oct 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-0695

Summary

Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693.

Vulnerable Systems

Application

  • Openbsd Openssh 3.7.1


References

REDHAT - RHSA-2003:280

DEBIAN - DSA-383

REDHAT - RHSA-2003:279

CONFIRM - http://www.openssh.com/txt/buffer.adv

DEBIAN - DSA-382

MISC - http://marc.theaimsgroup.com/?l=openbsd-security-announce&m=106375582924840

BUGTRAQ - 20030917 [slackware-security] OpenSSH updated again (SSA:2003-260-01)

BUGTRAQ - 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh)

TRUSTIX - 2003-0033

CONECTIVA - CLA-2003:741

MANDRAKE - MDKSA-2003:090


Last Updated: 27 May 2016 10:38:00