CVE-2003-0693
ssh - possible remote vulnerability
EPSS 26.8%
Description
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.
How to fix CVE-2003-0693
To remediate CVE-2003-0693, upgrade the affected package to one of the fixed versions listed below.
- Debian/openssh: upgrade to 1:3.6.1p2-6.0 or later
- Debian/openssh: upgrade to 1:3.4p1-1.1 or later
- Debian/openssh: upgrade to 1:3.4p1-1.woody.2 or later
Is CVE-2003-0693 being exploited?
Moderate: EPSS is 26.8%. Track this CVE, but it is not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 1:3.6.1p2-6.0
- from 0, < 1:3.4p1-1.1
- from 0, < 1:3.4p1-1.woody.2