CVE-2004-0175

  • Last update: Apr 13, 2023

Description

Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.

Software From Fixed in
openbsd / openssh 3.0 3.0.x
openbsd / openssh 3.0.1 3.0.1.x
openbsd / openssh 3.0.1p1 3.0.1p1.x
openbsd / openssh 3.0.2 3.0.2.x
openbsd / openssh 3.0.2p1 3.0.2p1.x
openbsd / openssh 3.0p1 3.0p1.x
openbsd / openssh 3.1 3.1.x
openbsd / openssh 3.1p1 3.1p1.x
openbsd / openssh 3.2 3.2.x
openbsd / openssh 3.2.2p1 3.2.2p1.x
openbsd / openssh 3.2.3p1 3.2.3p1.x
openbsd / openssh 3.3 3.3.x
openbsd / openssh 3.3p1 3.3p1.x
openbsd / openssh 3.4 3.4.x
openbsd / openssh 3.4p1 3.4p1.x

Details

    • Severity: Low
  • CVE: CVE-2004-0175
  • Published: Aug 18, 2004
  • Updated: Apr 13, 2023
  • Exploit:

CVSS v2

  • Severity: Low
  • Score: 4.3
  • AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs

OWASP TOP 10