CVE-2001-0144

CORE SDI SSH1 - RCE

Title source: llm
STIX 2.1

Description

CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.

Exploits (2)

exploitdb STUB VERIFIED
by Teso · textremotemultiple
https://www.exploit-db.com/exploits/349
exploitdb WORKING POC VERIFIED
by Michal Zalewski · cremoteunix
https://www.exploit-db.com/exploits/20617

References (7)

Scores

EPSS 0.6172
EPSS Percentile 98.3%

Details

Status published
Products (13)
openbsd/openssh 1.2.2
openbsd/openssh 1.2.3
openbsd/openssh 2.1
openbsd/openssh 2.1.1
openbsd/openssh 2.2
ssh/ssh 1.2.24
ssh/ssh 1.2.25
ssh/ssh 1.2.26
ssh/ssh 1.2.27
ssh/ssh 1.2.28
... and 3 more
Published Mar 12, 2001
Tracked Since Feb 18, 2026