Vulnerability Name:
CVE-2001-1507 (CCN-7598)
Assigned:
2001-11-19
Published:
2001-11-19
Updated:
2008-09-10
Summary:
OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.
CVSS v3 Severity:
7.3 High
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availibility (A):
Low
CVSS v2 Severity:
7.5 High
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
7.5 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Privileges
References:
Source: CCN
Type: BugTraq Mailing List, Mon Nov 19 2001 - 11:23:53 CST
OpenSSH 3.0.1 (fwd)
Source: MITRE
Type: CNA
CVE-2001-1507
Source: BUGTRAQ
Type: Patch, Vendor Advisory
20011119 OpenSSH 3.0.1 (fwd)
Source: XF
Type: Patch
openssh-kerberos-elevate-privileges(7598)
Source: CONFIRM
Type: Patch
http://www.openbsd.org/errata30.html#sshd
Source: CCN
Type: OpenSSH Web site
OpenSSH
Source: CCN
Type: OSVDB ID: 20216
OpenSSH with KerberosV Remote Authentication Bypass
Source: BID
Type: UNKNOWN
3560
Source: CCN
Type: BID-3560
OpenSSH Kerberos Arbitrary Privilege Elevation Vulnerability
Source: XF
Type: UNKNOWN
openssh-kerberos-elevate-privileges(7598)
Vulnerable Configuration:
Configuration 1
:
cpe:/a:openbsd:openssh:3.0:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.5:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.9:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:3.0:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.1:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.2:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.3:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:1.2:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
openbsd
openssh 3.0
openbsd
openssh 3.0p1
openbsd
openssh 2.1.1
openbsd
openssh 2.5.2
openbsd
openssh 2.5
openbsd
openssh 2.5.1
openbsd
openssh 2.9
openbsd
openssh 3.0
openbsd
openssh 2.9.9p2
openbsd
openssh 2.1
openbsd
openssh 2.2
openbsd
openssh 2.3
openbsd
openssh 2.9p2
openbsd
openssh 2.9p1
openbsd
openssh 2.9.9
openbsd
openssh 1.2.2
openbsd
openssh 1.2.3
openbsd
openssh 1.2.27
openbsd
openssh 1.2.1
openbsd
openssh 1.2
openbsd
openssh 2.1.1 p4
openbsd
openssh 2.2.0 p1
openbsd
openssh 2.3.0 p1
openbsd
openssh 2.5.1 p1
openbsd
openssh 2.5.1 p2
openbsd
openssh 2.5.2 p2
openbsd
openssh 2.9.9 p1