Critical severity9.8NVD Advisory· Published Jul 3, 2002· Updated Apr 16, 2026
CVE-2002-0639
CVE-2002-0639
Description
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
17- marc.infonvdExploitMailing List
- marc.infonvdExploitMailing List
- marc.infonvdExploitMailing List
- www.cert.org/advisories/CA-2002-18.htmlnvdThird Party AdvisoryUS Government Resource
- www.kb.cert.org/vuls/id/369347nvdThird Party AdvisoryUS Government Resource
- www.securityfocus.com/bid/5093nvdBroken LinkThird Party AdvisoryVDB Entry
- web.archive.org/web/20080622172542/www.iss.net/threats/advise123.htmlnvdThird Party Advisory
- ftp.caldera.com/pub/security/OpenLinux/CSSA-2002-030.0.txtnvdBroken Link
- archives.neohapsis.com/archives/bugtraq/2002-06/0335.htmlnvdBroken Link
- distro.conectiva.com.br/atualizacoes/nvdBroken Link
- www.debian.org/security/2002/dsa-134nvdBroken Link
- www.iss.net/security_center/static/9169.phpnvdBroken Link
- www.linuxsecurity.com/advisories/other_advisory-2177.htmlnvdBroken Link
- www.mandrakesoft.com/security/advisoriesnvdBroken Link
- www.osvdb.org/6245nvdBroken Link
- www1.itrc.hp.com/service/cki/docDisplay.donvdBroken Link
- twitter.com/RooneyMcNibNug/status/1152332585349111810nvdBroken Link
News mentions
0No linked articles in our index yet.