CVE-2002-1715 : SSH 1 through 3, and possibly other versions, allows local users to bypass restr

SSH 1 through 3, and possibly other versions, allows local users to bypass restricted shells such as rbash or rksh by uploading a script to a world-writeable directory, then executing that script to gain normal shell access.

Published 2002-12-31 05:00:00

Updated 2017-07-11 01:29:22

Source MITRE

View at NVD, CVE.org

Products affected by CVE-2002-1715

SSH » SSH » Version: 1.2.10
cpe:2.3:a:ssh:ssh:1.2.10:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.11
cpe:2.3:a:ssh:ssh:1.2.11:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.12
cpe:2.3:a:ssh:ssh:1.2.12:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.13
cpe:2.3:a:ssh:ssh:1.2.13:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.5
cpe:2.3:a:ssh:ssh:1.2.5:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.6
cpe:2.3:a:ssh:ssh:1.2.6:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.7
cpe:2.3:a:ssh:ssh:1.2.7:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.8
cpe:2.3:a:ssh:ssh:1.2.8:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.9
cpe:2.3:a:ssh:ssh:1.2.9:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.1
cpe:2.3:a:ssh:ssh:1.2.1:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.14
cpe:2.3:a:ssh:ssh:1.2.14:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.3
cpe:2.3:a:ssh:ssh:1.2.3:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.0
cpe:2.3:a:ssh:ssh:1.2.0:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.2
cpe:2.3:a:ssh:ssh:1.2.2:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.4
cpe:2.3:a:ssh:ssh:1.2.4:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.27
cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.25
cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.20
cpe:2.3:a:ssh:ssh:1.2.20:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.21
cpe:2.3:a:ssh:ssh:1.2.21:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.22
cpe:2.3:a:ssh:ssh:1.2.22:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.16
cpe:2.3:a:ssh:ssh:1.2.16:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.18
cpe:2.3:a:ssh:ssh:1.2.18:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.24
cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.26
cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.15
cpe:2.3:a:ssh:ssh:1.2.15:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.17
cpe:2.3:a:ssh:ssh:1.2.17:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.19
cpe:2.3:a:ssh:ssh:1.2.19:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.23
cpe:2.3:a:ssh:ssh:1.2.23:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.28
cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.29
cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.31
cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*
Matching versions
SSH » SSH » Version: 1.2.30
cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.11
cpe:2.3:a:ssh:ssh2:2.0.11:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.5
cpe:2.3:a:ssh:ssh2:2.0.5:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.6
cpe:2.3:a:ssh:ssh2:2.0.6:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.3
cpe:2.3:a:ssh:ssh2:2.0.3:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.4
cpe:2.3:a:ssh:ssh2:2.0.4:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.2
cpe:2.3:a:ssh:ssh2:2.0.2:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.9
cpe:2.3:a:ssh:ssh2:2.0.9:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0
cpe:2.3:a:ssh:ssh2:2.0:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.1
cpe:2.3:a:ssh:ssh2:2.0.1:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.10
cpe:2.3:a:ssh:ssh2:2.0.10:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.7
cpe:2.3:a:ssh:ssh2:2.0.7:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.8
cpe:2.3:a:ssh:ssh2:2.0.8:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.12
cpe:2.3:a:ssh:ssh2:2.0.12:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.4
cpe:2.3:a:ssh:ssh2:2.4:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.5
cpe:2.3:a:ssh:ssh2:2.5:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 3.0
cpe:2.3:a:ssh:ssh2:3.0:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.2
cpe:2.3:a:ssh:ssh2:2.2:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.3
cpe:2.3:a:ssh:ssh2:2.3:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.0.13
cpe:2.3:a:ssh:ssh2:2.0.13:*:*:*:*:*:*:*
Matching versions
SSH » Ssh2 » Version: 2.1
cpe:2.3:a:ssh:ssh2:2.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2002-1715

EPSS FAQ

0.04%

Probability of exploitation activity in the next 30 days EPSS Score History

~ %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2002-1715

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
7.2	HIGH	AV:L/AC:L/Au:N/C:C/I:C/A:C	3.9	10.0	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

References for CVE-2002-1715

Jump to

Vulnerability Details : CVE-2002-1715

Products affected by CVE-2002-1715

Exploit prediction scoring system (EPSS) score for CVE-2002-1715

CVSS scores for CVE-2002-1715

References for CVE-2002-1715