Critical severity9.8NVD Advisory· Published Mar 15, 2002· Updated Apr 16, 2026
CVE-2002-0083
CVE-2002-0083
Description
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
Affected products
38- cpe:2.3:a:mandrakesoft:mandrake_single_network_firewall:7.2:*:*:*:*:*:*:*
cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:o:conectiva:linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:5.1:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:ecommerce:*:*:*:*:*:*:*
- cpe:2.3:o:conectiva:linux:graficas:*:*:*:*:*:*:*
cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:engardelinux:secure_linux:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:1.1:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:1.2:*:*:*:*:*:*:*
- cpe:2.3:o:trustix:secure_linux:1.5:*:*:*:*:*:*:*
cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*+ 4 more
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:8.0:*:ppc:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux:8.1:*:*:*:*:*:*:*
- cpe:2.3:o:mandrakesoft:mandrake_linux_corporate_server:1.0.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*+ 14 more
- cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:6.4:*:i386:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:6.4:*:ppc:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.0:*:i386:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.0:*:ppc:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.0:*:sparc:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.1:*:spa:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.1:*:sparc:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.1:*:x86:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.2:*:i386:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.3:*:i386:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.3:*:ppc:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux:7.3:*:sparc:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
23- marc.infonvdMailing ListPatch
- www.linuxsecurity.com/advisories/other_advisory-1937.htmlnvdBroken LinkPatchVendor Advisory
- online.securityfocus.com/advisories/3960nvdBroken LinkThird Party AdvisoryVDB Entry
- online.securityfocus.com/archive/1/264657nvdBroken LinkThird Party AdvisoryVDB Entry
- www.debian.org/security/2002/dsa-119nvdBroken LinkVendor Advisory
- www.openbsd.org/advisories/ssh_channelalloc.txtnvdVendor Advisory
- www.securityfocus.com/bid/4241nvdBroken LinkThird Party AdvisoryVDB Entry
- ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02:13.openssh.ascnvdBroken Link
- ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2002-004.txt.ascnvdBroken Link
- stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.10/CSSA-2002-SCO.10.txtnvdBroken Link
- stage.caldera.com/pub/security/openunix/CSSA-2002-SCO.11/CSSA-2002-SCO.11.txtnvdBroken Link
- archives.neohapsis.com/archives/bugtraq/2002-03/0108.htmlnvdBroken Link
- archives.neohapsis.com/archives/vulnwatch/2002-q1/0060.htmlnvdBroken Link
- distro.conectiva.com.br/atualizacoes/nvdBroken Link
- marc.infonvdMailing List
- marc.infonvdMailing List
- marc.infonvdMailing List
- www.calderasystems.com/support/security/advisories/CSSA-2002-012.0.txtnvdBroken Link
- www.iss.net/security_center/static/8383.phpnvdBroken Link
- www.linux-mandrake.com/en/security/2002/MDKSA-2002-019.phpnvdBroken Link
- www.novell.com/linux/security/advisories/2002_009_openssh_txt.htmlnvdBroken Link
- www.osvdb.org/730nvdBroken Link
- www.redhat.com/support/errata/RHSA-2002-043.htmlnvdBroken Link
News mentions
0No linked articles in our index yet.