Vulnerability CVE-2003-0386: Information

Description

OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.

Severity: HIGH (7.5)

URL: https://nvd.nist.gov/vuln/detail/CVE-2003-0386
Published: July 2, 2003
Modified: Oct. 11, 2017

References to Advisories, Solutions, and Tools

Hyperlink
Resource
20030605 OpenSSH remote clent address restriction circumvention
  • Exploit
  • Patch
  • Vendor Advisory
VU#978316
  • Exploit
  • Patch
  • Third Party Advisory
  • US Government Resource
http://lists.apple.com/mhonarc/security-announce/msg00038.html
    RHSA-2006:0298
      7831
        21129
          20060703-01-P
            21262
              http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm
                21724
                  RHSA-2006:0698
                    22196
                      http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
                        http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
                          23680
                            oval:org.mitre.oval:def:9894

                                1. Configuration 1

                                  cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
                              VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
                              Version: v24.4.2
                              Back to top