CyberSec.Space Logo
Back to CVE Browser

CVE-2002-1645

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1970%
EPSS Percentile13.88th
PublishedNov 25, 2002
Last ModifiedApr 16, 2026

Vulnerability Description

Buffer overflow in the URL catcher feature for SSH Secure Shell for Workstations client 3.1 to 3.2.0 allows remote attackers to execute arbitrary code via a long URL.

Affected Platforms (CPE)

πŸ“¦
Ssh

Ssh2

= 3.1
πŸ“¦
Ssh

Ssh2

= 3.1.1
πŸ“¦
Ssh

Ssh2

= 3.1.2
πŸ“¦
Ssh

Ssh2

= 3.1.3
πŸ“¦
Ssh

Ssh2

= 3.1.4
πŸ“¦
Ssh

Ssh2

= 3.2

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/140977
πŸ”— http://www.securityfocus.com/bid/6263
πŸ”— http://www.ssh.com/company/newsroom/article/287/
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/10723
πŸ”— http://www.kb.cert.org/vuls/id/140977
πŸ”— http://www.securityfocus.com/bid/6263
πŸ”— http://www.ssh.com/company/newsroom/article/287/
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/10723

Related Vulnerabilities

CVE-2002-135810.0

Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to...

CVE-2002-135910.0

Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause ...

CVE-2002-135710.0

Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allo...

CVE-2002-136010.0

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified ...