Detections
Analytics

CVE-2003-0787

high

Description

The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.

References

http://www.securityfocus.com/bid/8677

http://www.securityfocus.com/archive/1/338617

http://www.securityfocus.com/archive/1/338616

http://www.openssh.com/txt/sshpam.adv

http://www.kb.cert.org/vuls/id/209807

http://lists.grok.org.uk/pipermail/full-disclosure/2003-September/010812.html

Details

Source: Mitre, NVD

Published: 2003-11-17

Updated: 2025-04-03

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H

Severity: High

EPSS

EPSS: 0.00813