Vulnerabilities > CVE-2003-1120 - Unspecified vulnerability in SSH Tectia Server 4.0.3/4.0.4
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://secunia.com/advisories/11193
- http://secunia.com/advisories/11193
- http://securitytracker.com/alerts/2004/Mar/1009532.html
- http://securitytracker.com/alerts/2004/Mar/1009532.html
- http://www.kb.cert.org/vuls/id/814198
- http://www.kb.cert.org/vuls/id/814198
- http://www.osvdb.org/displayvuln.php?osvdb_id=4491
- http://www.osvdb.org/displayvuln.php?osvdb_id=4491
- http://www.securityfocus.com/bid/9956
- http://www.securityfocus.com/bid/9956
- http://www.ssh.com/company/newsroom/article/520/
- http://www.ssh.com/company/newsroom/article/520/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15585
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15585