CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2001-0144

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0260%
EPSS Percentile42.07th
Published2001年3月12日
Last Modified2026年4月16日

Vulnerability Description

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Affected Platforms (CPE)

📦
Openbsd

Openssh

= 1.2.2
📦
Openbsd

Openssh

= 1.2.3
📦
Openbsd

Openssh

= 2.1
📦
Openbsd

Openssh

= 2.1.1
📦
Openbsd

Openssh

= 2.2
📦
Ssh

Ssh

= 1.2.24
📦
Ssh

Ssh

= 1.2.25
📦
Ssh

Ssh

= 1.2.26
📦
Ssh

Ssh

= 1.2.27
📦
Ssh

Ssh

= 1.2.28
📦
Ssh

Ssh

= 1.2.29
📦
Ssh

Ssh

= 1.2.30
📦
Ssh

Ssh

= 1.2.31

References & Advisories

🔗 http://marc.info/?l=bugtraq&m=98168366406903&w=2
🔗 http://razor.bindview.com/publish/advisories/adv_ssh1crc.html
🔗 http://www.cert.org/advisories/CA-2001-35.html
🔗 http://www.osvdb.org/503
🔗 http://www.osvdb.org/795
🔗 http://www.securityfocus.com/bid/2347
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/6083
🔗 http://marc.info/?l=bugtraq&m=98168366406903&w=2

相關漏洞威脅

CVE-2002-064010.0

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of re...

CVE-1999-066110.0

A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP...

CVE-2000-052510.0

OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary comma...

CVE-2003-069310.0

A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitr...