Vulnerability Report

CVE-2002-0083

Title: OpenSSH off-by-one channel code vulnerability privilege escalation

Privilege escalation

Proof Of Concept

PoC Available for CVE-2002-0083

CWE Category CWE-193
Published Date Mar 15, 2002
Modified Date Apr 03, 2025
Exploit Status Available
Score 9.8 CVSS v3.1
Exploit Probability (EPSS)
1.77%

Vulnerability Summary

CVE-2002-0083: Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.

Impacted Vendors

O
openbsd 1
I
immunix 1
M
mandrakesoft 1
O
openpkg 1

Reference Links

ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467 http://marc.info/?l=bugtraq&m=101552065005254&w=2 http://marc.info/?l=bugtraq&m=101553908201861&w=2 http://marc.info/?l=bugtraq&m=101561384821761&w=2 http://marc.info/?l=bugtraq&m=101586991827622&w=2 http://online.securityfocus.com/advisories/3960 http://online.securityfocus.com/archive/1/264657 http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt http://www.debian.org/security/2002/dsa-119 http://www.iss.net/security_center/static/8383.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php http://www.linuxsecurity.com/advisories/other_advisory-1937.html http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html http://www.openbsd.org/advisories/ssh_channelalloc.txt http://www.osvdb.org/730 http://www.redhat.com/support/errata/RHSA-2002-043.html http://www.securityfocus.com/bid/4241 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.asc ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.asc ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txt ftp://stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txt http://archives.neohapsis.com/archives/bugtraq/2002-03/0108.html http://archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.html http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000467 http://marc.info/?l=bugtraq&m=101552065005254&w=2 http://marc.info/?l=bugtraq&m=101553908201861&w=2 http://marc.info/?l=bugtraq&m=101561384821761&w=2 http://marc.info/?l=bugtraq&m=101586991827622&w=2 http://online.securityfocus.com/advisories/3960 http://online.securityfocus.com/archive/1/264657 http://www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txt http://www.debian.org/security/2002/dsa-119 http://www.iss.net/security_center/static/8383.php http://www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.php http://www.linuxsecurity.com/advisories/other_advisory-1937.html http://www.novell.com/linux/security/advisories/2002_009_openssh_txt.html http://www.openbsd.org/advisories/ssh_channelalloc.txt http://www.osvdb.org/730 http://www.redhat.com/support/errata/RHSA-2002-043.html http://www.securityfocus.com/bid/4241
CVSS v3.1
Source Entity [email protected]
Severity CRITICAL
9.8
Attack Vector
NETWORK
Complexity
LOW
Privileges
N/A
Interaction
NONE
Confidentiality
N/A
Integrity
N/A
Availability
N/A
Scope
UNCHANGED
RAW VECTOR CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CVSS v2.0
Source Entity [email protected]
Severity HIGH
10.0
Access Vector
N/A
Authentication
N/A
RAW VECTOR AV:N/AC:L/Au:N/C:C/I:C/A:C

Associated Attack Patterns (CAPEC)

Total: Patterns

CVE-2002-0083 Exploits & PoCs (Proof Of Concept)

Exploit-DB https://www.exploit-db.com/exploits/21314
View Code
MODIFIED

Vulnerability data or affected products updated.

PUBLISHED

Vulnerability first announced in NVD.

Attack Vector Matrix

Access Vector NETWORK
Complexity LOW
Privileges N/A
Interaction NONE
CVSS Vector String CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Stack

No specific products linked.