CVE-2003-0787
First published: Thu Sep 25 2003(Updated: )
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenSSH | =3.7.1p1 | |
| OpenSSH | =3.7.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2003-0787?
CVE-2003-0787 has a high severity rating due to the potential for privilege escalation.
How do I fix CVE-2003-0787?
To fix CVE-2003-0787, upgrade OpenSSH to version 3.7.2 or later, which contains the necessary security patches.
What versions are affected by CVE-2003-0787?
CVE-2003-0787 affects OpenSSH versions 3.7.1 and 3.7.1p1.
Can CVE-2003-0787 lead to remote exploitation?
Yes, if exploited, CVE-2003-0787 can allow attackers to gain elevated privileges on the vulnerable system.
What is the nature of the vulnerability in CVE-2003-0787?
CVE-2003-0787 involves the PAM conversation function misinterpreting data structures, allowing stack modification.
- agent/references
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/openbsd
- canonical/openssh
- version/openssh/3.7.1p1
- version/openssh/3.7.1