Vulnerabilities > CVE-2003-1120 - Unspecified vulnerability in SSH Tectia Server 4.0.3/4.0.4
Attack vector
LOCAL Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
References
- http://secunia.com/advisories/11193
- http://securitytracker.com/alerts/2004/Mar/1009532.html
- http://www.kb.cert.org/vuls/id/814198
- http://www.osvdb.org/displayvuln.php?osvdb_id=4491
- http://www.securityfocus.com/bid/9956
- http://www.ssh.com/company/newsroom/article/520/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15585