CVE-2003-0386
EPSS 9.6%Published: 7/2/2003Modified: 4/28/2026
Description
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address.
Affected packages (1)
- Debian/opensshfrom 0, < 1:3.8p1-1