Vulnerability Name:
CVE-2003-0787 (CCN-13271)
Assigned:
2003-09-23
Published:
2003-09-23
Updated:
2008-09-10
Summary:
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
CVSS v3 Severity:
7.3 High
(CCN CVSS v3.1 Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
)
Exploitability Metrics:
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope:
Scope (S):
Unchanged
Impact Metrics:
Confidentiality (C):
Low
Integrity (I):
Low
Availibility (A):
Low
CVSS v2 Severity:
7.5 High
(CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Authentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
7.5 High
(CCN CVSS v2 Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
)
Exploitability Metrics:
Access Vector (AV):
Network
Access Complexity (AC):
Low
Athentication (Au):
None
Impact Metrics:
Confidentiality (C):
Partial
Integrity (I):
Partial
Availibility (A):
Partial
Vulnerability Type:
CWE-Other
Vulnerability Consequences:
Gain Privileges
References:
Source: CCN
Type: FreeBSD Security Advisory FreeBSD-SA-03:15
OpenSSH PAM challenge/authentication error
Source: CCN
Type: SGI Security Advisory 20030904-01-P
Multiple OpenSSH/OpenSSL Vulnerabilities
Source: CCN
Type: SGI Security Advisory 20030904-02-P
Multiple OpenSSH/OpenSSL Vulnerabilities Update
Source: CCN
Type: BugTraq Mailing List, Tue Sep 23 2003 - 07:40:25 CDT
Multiple PAM vulnerabilities in portable OpenSSH
Source: MITRE
Type: CNA
CVE-2003-0787
Source: FULLDISC
Type: UNKNOWN
20030924 [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh)
Source: CCN
Type: CIAC Information Bulletin N-158
CERT: Portable OpenSSH server PAM Vulnerability
Source: CCN
Type: US-CERT VU#209807
Portable OpenSSH server PAM conversion stack corruption
Source: CERT-VN
Type: US Government Resource
VU#209807
Source: CCN
Type: Gentoo Linux Security Announcement 200309-14
openssh
Source: CCN
Type: OpenPKG-SA-2003.042
OpenSSH
Source: CCN
Type: OpenSSH Security Advisory: sshpam.adv
Portable OpenSSH Security Advisory: sshpam.adv
Source: CONFIRM
Type: UNKNOWN
http://www.openssh.com/txt/sshpam.adv
Source: CCN
Type: OpenSSH Web site
OpenSSH
Source: CCN
Type: OSVDB ID: 6072
OpenSSH PAM Conversation Function Stack Modification
Source: BUGTRAQ
Type: UNKNOWN
20030923 Portable OpenSSH 3.7.1p2 released
Source: BUGTRAQ
Type: UNKNOWN
20030923 Multiple PAM vulnerabilities in portable OpenSSH
Source: BID
Type: UNKNOWN
8677
Source: CCN
Type: BID-8677
Multiple Portable OpenSSH PAM Vulnerabilities
Source: XF
Type: UNKNOWN
openssh-pam-stack-corruption(13271)
Vulnerable Configuration:
Configuration 1
:
cpe:/a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
Configuration CCN 1
:
cpe:/a:openbsd:openssh:3.7p1:*:*:*:*:*:*:*
OR
cpe:/a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
AND
cpe:/o:sgi:irix:6.0.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.2:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.3:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.4:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.0:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.1:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.2:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.3:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.4:*:*:*:*:*:*:*
OR
cpe:/o:freebsd:freebsd:4.0:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.7:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.5:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.6:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.8:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.9:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.10:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.11:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.12:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.13:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.14:*:*:*:*:*:*:*
OR
cpe:/a:openpkg:openpkg:current:*:*:*:*:*:*:*
OR
cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.15:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.16:*:*:*:*:*:*:*
OR
cpe:/a:openpkg:openpkg:1.2:*:*:*:*:*:*:*
OR
cpe:/o:freebsd:freebsd:4.7:-:*:*:*:*:*:*
OR
cpe:/o:freebsd:freebsd:4.8:-:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.19:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.20:*:*:*:*:*:*:*
OR
cpe:/a:openpkg:openpkg:1.3:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.21:*:*:*:*:*:*:*
OR
cpe:/o:freebsd:freebsd:5.1:-:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.21m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.21f:*:*:*:*:*:*:*
OR
cpe:/o:freebsd:freebsd:4.6.2:-:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.10f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.10m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.11f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.11m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.12f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.12m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.13f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.13m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.14f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.14m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.15f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.15m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.16f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.16m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.17:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.17f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.17m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.18:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.18f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.18m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.19f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.19m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.20f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.20m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.2f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.2m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.3f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.3m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.4f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.4m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.5f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.5m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.6f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.6m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.7f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.7m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.8f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.8m:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.9f:*:*:*:*:*:*:*
OR
cpe:/o:sgi:irix:6.5.9m:*:*:*:*:*:*:*
Denotes that component is vulnerable
BACK
openbsd
openssh 3.7.1
openbsd
openssh 3.7.1p1
openbsd
openssh 3.7p1
openbsd
openssh 3.7.1p1
sgi
irix 6.0.1
sgi
irix 6.1
sgi
irix 6.2
sgi
irix 6.3
sgi
irix 6.4
sgi
irix 6.5
sgi
irix 6.0
sgi
irix 6.5.1
sgi
irix 6.5.2
sgi
irix 6.5.3
sgi
irix 6.5.4
freebsd
freebsd 4.0
sgi
irix 6.5.7
sgi
irix 6.5.5
sgi
irix 6.5.6
sgi
irix 6.5.8
sgi
irix 6.5.9
sgi
irix 6.5.10
sgi
irix 6.5.11
sgi
irix 6.5.12
sgi
irix 6.5.13
sgi
irix 6.5.14
openpkg
openpkg current
gentoo
linux *
sgi
irix 6.5.15
sgi
irix 6.5.16
openpkg
openpkg 1.2
freebsd
freebsd 4.7 -
freebsd
freebsd 4.8 -
sgi
irix 6.5.19
sgi
irix 6.5.20
openpkg
openpkg 1.3
sgi
irix 6.5.21
freebsd
freebsd 5.1 -
sgi
irix 6.5.21m
sgi
irix 6.5.21f
freebsd
freebsd 4.6.2 -
sgi
irix 6.5.10f
sgi
irix 6.5.10m
sgi
irix 6.5.11f
sgi
irix 6.5.11m
sgi
irix 6.5.12f
sgi
irix 6.5.12m
sgi
irix 6.5.13f
sgi
irix 6.5.13m
sgi
irix 6.5.14f
sgi
irix 6.5.14m
sgi
irix 6.5.15f
sgi
irix 6.5.15m
sgi
irix 6.5.16f
sgi
irix 6.5.16m
sgi
irix 6.5.17
sgi
irix 6.5.17f
sgi
irix 6.5.17m
sgi
irix 6.5.18
sgi
irix 6.5.18f
sgi
irix 6.5.18m
sgi
irix 6.5.19f
sgi
irix 6.5.19m
sgi
irix 6.5.20f
sgi
irix 6.5.20m
sgi
irix 6.5.2f
sgi
irix 6.5.2m
sgi
irix 6.5.3f
sgi
irix 6.5.3m
sgi
irix 6.5.4f
sgi
irix 6.5.4m
sgi
irix 6.5.5f
sgi
irix 6.5.5m
sgi
irix 6.5.6f
sgi
irix 6.5.6m
sgi
irix 6.5.7f
sgi
irix 6.5.7m
sgi
irix 6.5.8f
sgi
irix 6.5.8m
sgi
irix 6.5.9f
sgi
irix 6.5.9m
Denotes that component is vulnerable