VDB

DEBIAN-CVE-2003-0786

DEBIAN-CVE-2003-0786 PUBLISHED

The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges.

Affected Products

VendorProductVersions
Debian:13openssh0, 0, 0
Debian:11openssh0, 0, 0
Debian:12openssh0, 0, 0
Debian:14openssh0, 0, 0

Timeline

  • Nov 17, 2003 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›