CVE-2003-0786

EPSS 3.1%

Published: 11/17/2003Modified: 4/28/2026

Also known as:DEBIAN-CVE-2003-0786

Description

The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.

Affected packages (1)

Debian/opensshfrom 0, < 1:3.7.1p2

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2003-0786