CVE-2003-0386 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2003-0386
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2003-0386

Description: OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.

CVE Status: Candidate

References: SGI SAID Secunia Advisory: SA21129 Secunia Advisory: SA21262 Secunia Advisory: SA21724 Secunia Advisory: SA22196 Secunia Advisory: SA23680 REDHAT http://www.redhat.com/support/errata/RHSA-2006-0298.html http://www.redhat.com/support/errata/RHSA-2006-0698.html CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm CERT-VN 978316 BUGTRAQ http://www.securityfocus.com/archive/1/324016/2003-06-03/2003-06-09/0 BID 7831

Return to the previous page.