What is CVE-2002-0640?

CVE-2002-0640 is a vulnerability in N/a. Published 2003-04-02.

Is CVE-2002-0640 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2002-0640

Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard…

EPSS: 0.670 (98.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

DSA-134 (vendor-advisory)
RHSA-2002:127 (vendor-advisory)
20020626 OpenSSH Security Advisory (adv.iss) (mailing-list)
SuSE-SA:2002:024 (vendor-advisory)
20020628 Sun statement on the OpenSSH Remote Challenge Vulnerability (mailing-list)
839 (vdb-entry)
CA-2002-18 (third-party-advisory)
20020627 How to reproduce OpenSSH Overflow. (mailing-list)
RHSA-2002:131 (vendor-advisory)
5093 (vdb-entry)

Frequently asked questions

What is CVE-2002-0640?: CVE-2002-0640 is a vulnerability in N/a. Published 2003-04-02.
Is CVE-2002-0640 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.