3.0.2

DATE	CVE	VULNERABILITY TITLE	RISK
2014-03-18	CVE-2014-2532	Permissions, Privileges, and Access Controls vulnerability in multiple products sshd in OpenSSH before 6.6 does not properly support wildcards on AcceptEnv lines in sshd_config, which allows remote attackers to bypass intended environment restrictions by using a substring located before a wildcard character. network high complexity oracle openbsd CWE-264	4.9
2006-09-27	CVE-2006-5051	Double Free vulnerability in multiple products Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. network high complexity openbsd debian apple CWE-415	8.1
2002-07-03	CVE-2002-0639	Integer Overflow or Wraparound vulnerability in Openbsd Openssh Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. network low complexity openbsd CWE-190 critical	9.8
2002-03-15	CVE-2002-0083	Off-by-one Error vulnerability in multiple products Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges. network low complexity conectiva immunix openpkg mandrakesoft openbsd trustix suse redhat engardelinux CWE-193 critical	9.8