CVE-2002-0640

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt).

Published : 2002-07-03 04:00 Updated : 2016-10-18 02:20

10.0
CVSS Score More info
Score 10.0 / 10
10.0
Vendor Product Version URI
Openbsd Openssh 3.3 cpe:/a:openbsd:openssh:3.3
Openbsd Openssh 2.5 cpe:/a:openbsd:openssh:2.5
Openbsd Openssh 2.9 cpe:/a:openbsd:openssh:2.9
Openbsd Openssh 2.2 cpe:/a:openbsd:openssh:2.2
Openbsd Openssh 3.1 cpe:/a:openbsd:openssh:3.1
Openbsd Openssh 2.3 cpe:/a:openbsd:openssh:2.3
Openbsd Openssh 3.2 cpe:/a:openbsd:openssh:3.2
Openbsd Openssh 2.1 cpe:/a:openbsd:openssh:2.1
Openbsd Openssh 2.1.1 cpe:/a:openbsd:openssh:2.1.1
Openbsd Openssh 3.0 cpe:/a:openbsd:openssh:3.0
Openbsd Openssh 3.0.2p1 cpe:/a:openbsd:openssh:3.0.2p1
Openbsd Openssh 2.5.1 cpe:/a:openbsd:openssh:2.5.1
Openbsd Openssh 2.9p2 cpe:/a:openbsd:openssh:2.9p2
Openbsd Openssh 2.9p1 cpe:/a:openbsd:openssh:2.9p1
Openbsd Openssh 3.0.1p1 cpe:/a:openbsd:openssh:3.0.1p1
Openbsd Openssh 2.5.2 cpe:/a:openbsd:openssh:2.5.2
Openbsd Openssh 3.0.1 cpe:/a:openbsd:openssh:3.0.1
Openbsd Openssh 2.9.9 cpe:/a:openbsd:openssh:2.9.9
Openbsd Openssh 3.0.2 cpe:/a:openbsd:openssh:3.0.2
Openbsd Openssh 3.3p1 cpe:/a:openbsd:openssh:3.3p1
Openbsd Openssh 1.2.2 cpe:/a:openbsd:openssh:1.2.2
Openbsd Openssh 3.0p1 cpe:/a:openbsd:openssh:3.0p1
Openbsd Openssh 3.1p1 cpe:/a:openbsd:openssh:3.1p1
Openbsd Openssh 3.2.2p1 cpe:/a:openbsd:openssh:3.2.2p1
Openbsd Openssh 1.2.3 cpe:/a:openbsd:openssh:1.2.3
Openbsd Openssh 3.2.3p1 cpe:/a:openbsd:openssh:3.2.3p1
  1. Openbsd (1) Search CVE
    1. Openssh (26) Search CVE
      1. 3.3
      2. 2.5
      3. 2.9
      4. 2.2
      5. 3.1
      6. 2.3
      7. 3.2
      8. 2.1
      9. 2.1.1
      10. 3.0
      11. 3.0.2p1
      12. 2.5.1
      13. 2.9p2
      14. 2.9p1
      15. 3.0.1p1
      16. 2.5.2
      17. 3.0.1
      18. 2.9.9
      19. 3.0.2
      20. 3.3p1
      21. 1.2.2
      22. 3.0p1
      23. 3.1p1
      24. 3.2.2p1
      25. 1.2.3
      26. 3.2.3p1

CWE

There is no CWE for this CVE.

History of changes

Date Event
2002-07-03 04:00

New CVE