First published: Thu Sep 18 2003(Updated: )
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
OpenSSH | <=3.7.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2003-0695 is considered a significant vulnerability that can lead to denial of service or potential arbitrary code execution.
To mitigate CVE-2003-0695, update OpenSSH to version 3.7.1 or later.
CVE-2003-0695 can cause denial of service and allow attackers to execute arbitrary code through buffer management errors.
CVE-2003-0695 affects OpenSSH versions prior to 3.7.1.
CVE-2003-0695 is distinct from CVE-2003-0693, despite both being related to buffer management errors in OpenSSH.