|
|
CVE Reference: CVE-2003-0786 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2003-0786 |
|
|
Description: The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges. |
|
|
CVE Status: Candidate |
|
|
References: FULLDISC http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html CONFIRM http://www.openssh.com/txt/sshpam.adv CERT-VN 602204 BUGTRAQ http://www.securityfocus.com/archive/1/338616 http://www.securityfocus.com/archive/1/338617 BID 8677 |
|
| Return to the previous page. |
