Search criteria
3 vulnerabilities found for secure_shell_for_servers by ssh
CVE-2002-1646 (GCVE-0-2002-1646)
Vulnerability from cvelistv5 – Published: 2005-03-28 05:00 – Updated: 2024-08-08 03:34
VLAI
Summary
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/341187 | third-party-advisoryx_refsource_CERT-VN |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.ssh.com/company/newsroom/article/201/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/4810 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ciac.org/ciac/bulletins/m-081.shtml | third-party-advisorygovernment-resourcex_refsource_CIAC |
| http://www.ssh.com/products/ssh/advisories/authen… | x_refsource_CONFIRM |
Date Public
2002-05-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:55.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#341187",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"name": "20020523 [Fwd: Updated version of SSH Secure Shell available]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"name": "4810",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4810"
},
{
"name": "ssh-allowedauthentications-bypass-auth(9163)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
},
{
"name": "M-081",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#341187",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"name": "20020523 [Fwd: Updated version of SSH Secure Shell available]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"name": "4810",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4810"
},
{
"name": "ssh-allowedauthentications-bypass-auth(9163)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
},
{
"name": "M-081",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#341187",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"name": "20020523 [Fwd: Updated version of SSH Secure Shell available]",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"name": "http://www.ssh.com/company/newsroom/article/201/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"name": "4810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4810"
},
{
"name": "ssh-allowedauthentications-bypass-auth(9163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
},
{
"name": "M-081",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"name": "http://www.ssh.com/products/ssh/advisories/authentication.cfm",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1646",
"datePublished": "2005-03-28T05:00:00.000Z",
"dateReserved": "2005-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:34:55.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
FKIE_CVE-2002-1646
Vulnerability from fkie_nvd - Published: 2002-12-31 05:00 - Updated: 2026-04-16 00:27
Severity
Summary
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ssh | secure_shell_for_servers | 3.0 | |
| ssh | secure_shell_for_servers | 3.0.1 | |
| ssh | secure_shell_for_servers | 3.1 | |
| ssh | secure_shell_for_servers | 3.1.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ssh:secure_shell_for_servers:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "0A1AD6B7-A164-49CD-A882-12C5D484CE9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:secure_shell_for_servers:3.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1B20DF45-5EC3-4771-A589-B7264152BB7C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:secure_shell_for_servers:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "89B02880-2593-4071-B2E4-5AFC462A8CF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ssh:secure_shell_for_servers:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "361B7BE0-4779-4692-8D7B-1B940E58BFA0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server."
}
],
"id": "CVE-2002-1646",
"lastModified": "2026-04-16T00:27:16.627",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2002-12-31T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/4810"
},
{
"source": "cve@mitre.org",
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/4810"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2002-1646 (GCVE-0-2002-1646)
Vulnerability from nvd – Published: 2005-03-28 05:00 – Updated: 2024-08-08 03:34
VLAI
Summary
SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://www.kb.cert.org/vuls/id/341187 | third-party-advisoryx_refsource_CERT-VN |
| http://archives.neohapsis.com/archives/bugtraq/20… | mailing-listx_refsource_BUGTRAQ |
| http://www.ssh.com/company/newsroom/article/201/ | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/4810 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.ciac.org/ciac/bulletins/m-081.shtml | third-party-advisorygovernment-resourcex_refsource_CIAC |
| http://www.ssh.com/products/ssh/advisories/authen… | x_refsource_CONFIRM |
Date Public
2002-05-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T03:34:55.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#341187",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"name": "20020523 [Fwd: Updated version of SSH Secure Shell available]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"name": "4810",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/4810"
},
{
"name": "ssh-allowedauthentications-bypass-auth(9163)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
},
{
"name": "M-081",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2002-05-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#341187",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"name": "20020523 [Fwd: Updated version of SSH Secure Shell available]",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"name": "4810",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/4810"
},
{
"name": "ssh-allowedauthentications-bypass-auth(9163)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
},
{
"name": "M-081",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2002-1646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#341187",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/341187"
},
{
"name": "20020523 [Fwd: Updated version of SSH Secure Shell available]",
"refsource": "BUGTRAQ",
"url": "http://archives.neohapsis.com/archives/bugtraq/2002-05/0204.html"
},
{
"name": "http://www.ssh.com/company/newsroom/article/201/",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/company/newsroom/article/201/"
},
{
"name": "4810",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/4810"
},
{
"name": "ssh-allowedauthentications-bypass-auth(9163)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9163"
},
{
"name": "M-081",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/m-081.shtml"
},
{
"name": "http://www.ssh.com/products/ssh/advisories/authentication.cfm",
"refsource": "CONFIRM",
"url": "http://www.ssh.com/products/ssh/advisories/authentication.cfm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2002-1646",
"datePublished": "2005-03-28T05:00:00.000Z",
"dateReserved": "2005-03-28T00:00:00.000Z",
"dateUpdated": "2024-08-08T03:34:55.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}