Description
The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.
References (6)
Core References
Mailing List (mailing-list, x_refsource_fulldisc): http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html
Various Sources (x_refsource_confirm): http://www.openssh.com/txt/sshpam.adv
Third Party Advisory, VDB Entry (vdb-entry, x_refsource_bid): http://www.securityfocus.com/bid/8677
Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/338617
Third Party Advisory, VDB Entry (mailing-list, x_refsource_bugtraq): http://www.securityfocus.com/archive/1/338616
US Government Resource (third-party-advisory, x_refsource_cert-vn): http://www.kb.cert.org/vuls/id/602204
Scores
EPSS: 0.0314
EPSS Percentile: 87.1%
Details
Status: published
Products (2)
openbsd/openssh 3.7.1
openbsd/openssh 3.7.1p1
Published: Nov 17, 2003
Tracked Since: Feb 18, 2026