CVE-2003-0693 Affecting openssh package, versions <1:3.6.1p2-6.0
Snyk CVSS
Attack Complexity
Low
Confidentiality
High
Integrity
High
Availability
High
Threat Intelligence
EPSS
62.77% (98th
percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-DEBIAN11-OPENSSH-515407
- published 22 Sep 2003
- disclosed 22 Sep 2003
Introduced: 22 Sep 2003
CVE-2003-0693 Open this link in a new tabHow to fix?
Upgrade Debian:11 openssh to version 1:3.6.1p2-6.0 or higher.
NVD Description
Note: Versions mentioned in the description apply only to the upstream openssh package and not the openssh package as distributed by Debian.
See How to fix? for Debian:11 relevant fixed versions and status.
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.
References
- ADVISORY
- CERT
- Cert Vulnerability Note
- CONFIRM
- Debian Security Advisory
- Debian Security Advisory
- FULLDISC
- FULLDISC
- FULLDISC
- HP Security Bulletin
- HP Security Bulletin
- HP Security Bulletin
- HP Security Bulletin
- HP Security Bulletin
- Oval Security
- Oval Security
- X-force Vulnerability Report
- cve@mitre.org
- cve@mitre.org
- cve@mitre.org