Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0175

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-0175
Last Modified 07 Mar 2011 09:15:13
Published 18 Aug 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-0175

Summary

Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.

Vulnerable Systems

Application

  • Openbsd Openssh 3.0

  • Openbsd Openssh 3.0.1

  • Openbsd Openssh 3.0.1p1

  • Openbsd Openssh 3.0.2

  • Openbsd Openssh 3.0.2p1

  • Openbsd Openssh 3.0p1

  • Openbsd Openssh 3.1

  • Openbsd Openssh 3.1p1

  • Openbsd Openssh 3.2

  • Openbsd Openssh 3.2.2p1

  • Openbsd Openssh 3.2.3p1

  • Openbsd Openssh 3.3

  • Openbsd Openssh 3.3p1

  • Openbsd Openssh 3.4

  • Openbsd Openssh 3.4p1


References

BID - 9986

CONFIRM - https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120147

XF - openssh-scp-file-overwrite(16323)

REDHAT - RHSA-2005:567

REDHAT - RHSA-2005:562

REDHAT - RHSA-2005:495

REDHAT - RHSA-2005:481

REDHAT - RHSA-2005:165

REDHAT - RHSA-2005:106

REDHAT - RHSA-2005:074

OSVDB - 9550

SUSE - SuSE-SA:2004:009

MANDRIVA - MDVSA-2008:191

MANDRIVA - MDKSA-2005:100

CONFIRM - http://www.juniper.net/support/security/alerts/adv59739.txt

CIAC - O-212

SECUNIA - 19243

SECUNIA - 17135

CONECTIVA - CLSA-2004:831

SCO - SCOSA-2006.11


Last Updated: 27 May 2016 10:38:30