| Vulnerability Name: | CVE-2001-0816 (CCN-7634) |
| Assigned: | 2001-09-18 |
| Published: | 2001-09-18 |
| Updated: | 2017-10-10 |
| Summary: | OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.
|
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)| Exploitability Metrics: | Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None | | Scope: | Scope (S): Unchanged
| | Impact Metrics: | Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low |
|
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None | | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial |
7.5 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)| Exploitability Metrics: | Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
| | Impact Metrics: | Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial |
|
| Vulnerability Type: | CWE-Other
|
| Vulnerability Consequences: | Bypass Security |
| References: | Source: BUGTRAQ
Type: Patch, Vendor Advisory
20010918 OpenSSH: sftp & bypassing keypair auth restrictions
Source: CCN
Type: BugTraq Mailing List, Tue Sep 18 2001 - 07:24:07 CDT
OpenSSH: sftp & bypassing keypair auth restrictions
Source: CCN
Type: Conectiva Linux Announcement CLSA-2001:431
openssh
Source: MITRE
Type: CNA
CVE-2001-0816
Source: CONECTIVA
Type: UNKNOWN
CLSA-2001:431
Source: CCN
Type: Immunix OS Security Advisory IMNX-2001-70-034-01
openssh
Source: IMMUNIX
Type: UNKNOWN
IMNX-2001-70-034-01
Source: CCN
Type: RHSA-2001-154
Updated OpenSSH packages available
Source: OSVDB
Type: UNKNOWN
5536
Source: CCN
Type: OSVDB ID: 5536
OpenSSH sftp-server Restricted Keypair Restriction Bypass
Source: REDHAT
Type: UNKNOWN
RHSA-2001:154
Source: XF
Type: UNKNOWN
openssh-sftp-bypass-restrictions(7634)
Source: XF
Type: UNKNOWN
openssh-sftp-bypass-restrictions(7634)
|
| Vulnerable Configuration: | Configuration 1:
cpe:/a:openbsd:openssh:*:*:*:*:*:*:*:* (Version <= 2.9.9)
Configuration CCN 1:
cpe:/a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.5:*:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.9:-:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.1:*:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.2:*:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.3:*:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:1.2:*:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*OR cpe:/a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*AND cpe:/o:redhat:linux:7:*:*:*:*:*:*:*OR cpe:/o:conectiva:linux:6.0:*:*:*:*:*:*:*OR cpe:/o:redhat:linux:7.1:*:*:*:*:*:*:*OR cpe:/o:conectiva:linux:5.0:*:*:*:*:*:*:*OR cpe:/o:conectiva:linux:prg_graficos:*:*:*:*:*:*:*OR cpe:/o:conectiva:linux:ecommerce:*:*:*:*:*:*:*OR cpe:/o:conectiva:linux:5.1:*:*:*:*:*:*:*OR cpe:/o:conectiva:linux:7.0:*:*:*:*:*:*:*OR cpe:/o:redhat:linux:7.2:*:*:*:*:*:*:*OR cpe:/o:redhat:linux:7.3:*:*:*:*:*:*:*
 Denotes that component is vulnerable |
| BACK |