CVE-2003-0787
EPSS 0.46%
Description
The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges.
How to fix CVE-2003-0787
To remediate CVE-2003-0787, upgrade the affected package to a fixed version below.
- Debian/openssh—upgrade to 1:3.7.1p2 or later
Is CVE-2003-0787 being exploited?
Low — EPSS is 0.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1:3.7.1p2