CyberSec.Space Logo
Back to CVE Browser

CVE-2001-0144

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile42.07th
PublishedMar 12, 2001
Last ModifiedApr 16, 2026

Vulnerability Description

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Affected Platforms (CPE)

πŸ“¦
Openbsd

Openssh

= 1.2.2
πŸ“¦
Openbsd

Openssh

= 1.2.3
πŸ“¦
Openbsd

Openssh

= 2.1
πŸ“¦
Openbsd

Openssh

= 2.1.1
πŸ“¦
Openbsd

Openssh

= 2.2
πŸ“¦
Ssh

Ssh

= 1.2.24
πŸ“¦
Ssh

Ssh

= 1.2.25
πŸ“¦
Ssh

Ssh

= 1.2.26
πŸ“¦
Ssh

Ssh

= 1.2.27
πŸ“¦
Ssh

Ssh

= 1.2.28
πŸ“¦
Ssh

Ssh

= 1.2.29
πŸ“¦
Ssh

Ssh

= 1.2.30
πŸ“¦
Ssh

Ssh

= 1.2.31

References & Advisories

πŸ”— http://marc.info/?l=bugtraq&m=98168366406903&w=2
πŸ”— http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
πŸ”— http://www.cert.org/advisories/CA-2001-35.html
πŸ”— http://www.osvdb.org/503
πŸ”— http://www.osvdb.org/795
πŸ”— http://www.securityfocus.com/bid/2347
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
πŸ”— http://marc.info/?l=bugtraq&m=98168366406903&w=2

Related Vulnerabilities

CVE-2002-064010.0

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of re...

CVE-1999-066110.0

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP...

CVE-2000-052510.0

OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary comma...

CVE-2003-069310.0

A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitr...