Vulnerability Database

296,147

Total vulnerabilities in the database

CVE-2002-1644

SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, does not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.

  • Published: Nov 25, 2002
  • Updated: Apr 13, 2023
  • CVE: CVE-2002-1644
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.2
  • AV:L/AC:L/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Software From Fixed in
ssh / ssh2 2.0.13 2.0.13.x
ssh / ssh2 2.1 2.1.x
ssh / ssh2 3.0.1 3.0.1.x
ssh / ssh2 2.2 2.2.x
ssh / ssh2 3.2.1 3.2.1.x
ssh / ssh2 3.1 3.1.x
ssh / ssh2 3.0 3.0.x
ssh / ssh2 3.1.2 3.1.2.x
ssh / ssh2 3.1.3 3.1.3.x
ssh / ssh2 3.1.4 3.1.4.x
ssh / ssh2 2.4 2.4.x
ssh / ssh2 3.1.1 3.1.1.x
ssh / ssh2 3.2 3.2.x
ssh / ssh2 2.3 2.3.x
ssh / ssh2 2.5 2.5.x