CVE-2007-3102

OpenSSH 4.3p2 - Arbitrary Audit Log Write via Crafted Username

Title source: llm
STIX 2.1

Description

Unspecified vulnerability in the linux_audit_record_event function in OpenSSH 4.3p2, as used on Fedora Core 6 and possibly other systems, allows remote attackers to write arbitrary characters to an audit log via a crafted username. NOTE: some of these details are obtained from third party information.

References (16)

Core 16
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28319
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0555.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27588
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11124
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/39214
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0737.html
Issue Tracking x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=248059
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27235
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0703.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/28320
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2007-0540.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/27590
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26097

Scores

EPSS 0.0263
EPSS Percentile 85.9%

Details

Status published
Products (1)
openbsd/openssh 4.3p2
Published Oct 18, 2007
Tracked Since Feb 18, 2026