Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-1pq3-ktfr-vqa4
Summarysecurity flaw
Aliases
0
alias CVE-2003-0190
Fixed_packages
0
url pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4?distro=trixie
purl pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.4%3Fdistro=trixie
1
url pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.6
purl pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sf-sq1n-8ybk
1
vulnerability VCID-27t6-mvt2-6kcd
2
vulnerability VCID-3mzh-y1ek-cqh9
3
vulnerability VCID-45wb-44rx-1bhw
4
vulnerability VCID-48u8-uvvd-m7ef
5
vulnerability VCID-4fj8-vfgx-pyh9
6
vulnerability VCID-6n7q-b264-b3c9
7
vulnerability VCID-81na-a8p9-3fc3
8
vulnerability VCID-84r3-6n5q-1kft
9
vulnerability VCID-87uy-3q5r-r3b7
10
vulnerability VCID-9x46-xm8n-m3bs
11
vulnerability VCID-9zr9-947g-g7dn
12
vulnerability VCID-a7kr-mfau-bufd
13
vulnerability VCID-aaue-a343-u7f5
14
vulnerability VCID-ajmg-5kgx-k7h5
15
vulnerability VCID-akd1-gm5s-cfcs
16
vulnerability VCID-bdnh-bkx5-h3fe
17
vulnerability VCID-c72q-f2cy-eqgc
18
vulnerability VCID-dw3s-w6py-muh9
19
vulnerability VCID-e3hw-afkw-f7bt
20
vulnerability VCID-fczw-59xy-83c6
21
vulnerability VCID-g1vx-bcxw-mqfg
22
vulnerability VCID-g5qe-8p8p-3kd6
23
vulnerability VCID-g8g3-ts9j-8uab
24
vulnerability VCID-ge2m-my5w-z3eb
25
vulnerability VCID-gns3-z8js-4fef
26
vulnerability VCID-gzmm-8kvw-6qbv
27
vulnerability VCID-ha8v-pqwf-r3a1
28
vulnerability VCID-hmqc-xunp-myap
29
vulnerability VCID-hse5-y15y-n3dw
30
vulnerability VCID-jzk9-kyvp-5qdz
31
vulnerability VCID-jzn6-bzzf-nugp
32
vulnerability VCID-k8ae-fc4a-gycy
33
vulnerability VCID-kbba-6c9u-tygk
34
vulnerability VCID-mpex-kz3k-97aq
35
vulnerability VCID-myec-kc76-9bc1
36
vulnerability VCID-p5ps-aad3-que9
37
vulnerability VCID-qt1x-kyuf-gker
38
vulnerability VCID-qx5k-n11s-rucg
39
vulnerability VCID-rwzw-vrhk-sqfw
40
vulnerability VCID-sv83-ggsr-27au
41
vulnerability VCID-t1sg-4bvj-qqfk
42
vulnerability VCID-tqd9-nyt5-13e7
43
vulnerability VCID-tur1-ruxr-yqe3
44
vulnerability VCID-u21t-acnr-dub2
45
vulnerability VCID-u4sn-d8j6-bkdx
46
vulnerability VCID-ubjj-qb2c-n3d4
47
vulnerability VCID-v1vq-wecd-1ud9
48
vulnerability VCID-v27n-4vt2-rffw
49
vulnerability VCID-vj3u-a1c3-6qe5
50
vulnerability VCID-vrgz-eguk-k3dy
51
vulnerability VCID-wkpy-uwex-93db
52
vulnerability VCID-yrvb-stza-yfdp
53
vulnerability VCID-yrzy-er8x-c3ad
54
vulnerability VCID-ytkr-ev34-buhd
55
vulnerability VCID-z21r-z4zr-p3ex
56
vulnerability VCID-zncv-645p-f3gn
57
vulnerability VCID-zxw6-2um9-23e7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.8.1p1-8.sarge.6
2
url pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
purl pkg:deb/debian/openssh@1:8.4p1-5%2Bdeb11u3?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-b4uc-yh56-muej
6
vulnerability VCID-bnrq-2fsr-mfgd
7
vulnerability VCID-kgn5-p8kx-qucj
8
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:8.4p1-5%252Bdeb11u3%3Fdistro=trixie
3
url pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie
purl pkg:deb/debian/openssh@1:9.2p1-2%2Bdeb12u7?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-a7m6-uqbt-nqd9
4
vulnerability VCID-ajmg-5kgx-k7h5
5
vulnerability VCID-bnrq-2fsr-mfgd
6
vulnerability VCID-kgn5-p8kx-qucj
7
vulnerability VCID-wga4-sqwk-4bfj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:9.2p1-2%252Bdeb12u7%3Fdistro=trixie
4
url pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie
purl pkg:deb/debian/openssh@1:10.0p1-7%2Bdeb13u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-ajmg-5kgx-k7h5
4
vulnerability VCID-bnrq-2fsr-mfgd
5
vulnerability VCID-kgn5-p8kx-qucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.0p1-7%252Bdeb13u1%3Fdistro=trixie
5
url pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie
purl pkg:deb/debian/openssh@1:10.2p1-6?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-792n-jkzj-qqhd
1
vulnerability VCID-8efr-budq-6bb6
2
vulnerability VCID-a4eq-r71a-buhm
3
vulnerability VCID-bnrq-2fsr-mfgd
4
vulnerability VCID-kgn5-p8kx-qucj
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.2p1-6%3Fdistro=trixie
6
url pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
purl pkg:deb/debian/openssh@1:10.3p1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:10.3p1-1%3Fdistro=trixie
Affected_packages
0
url pkg:deb/debian/openssh@1:3.4p1-1.woody.3
purl pkg:deb/debian/openssh@1:3.4p1-1.woody.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-11sf-sq1n-8ybk
1
vulnerability VCID-1pq3-ktfr-vqa4
2
vulnerability VCID-27t6-mvt2-6kcd
3
vulnerability VCID-3mzh-y1ek-cqh9
4
vulnerability VCID-45wb-44rx-1bhw
5
vulnerability VCID-48u8-uvvd-m7ef
6
vulnerability VCID-4fj8-vfgx-pyh9
7
vulnerability VCID-61qv-3p82-fuh9
8
vulnerability VCID-679v-qrkw-qbar
9
vulnerability VCID-6n7q-b264-b3c9
10
vulnerability VCID-6tgm-yq5b-gyev
11
vulnerability VCID-81na-a8p9-3fc3
12
vulnerability VCID-84r3-6n5q-1kft
13
vulnerability VCID-87uy-3q5r-r3b7
14
vulnerability VCID-9x46-xm8n-m3bs
15
vulnerability VCID-9zr9-947g-g7dn
16
vulnerability VCID-a7kr-mfau-bufd
17
vulnerability VCID-aaue-a343-u7f5
18
vulnerability VCID-ajmg-5kgx-k7h5
19
vulnerability VCID-akd1-gm5s-cfcs
20
vulnerability VCID-bdnh-bkx5-h3fe
21
vulnerability VCID-bemm-xfxx-bqhb
22
vulnerability VCID-c72q-f2cy-eqgc
23
vulnerability VCID-dw3s-w6py-muh9
24
vulnerability VCID-e3hw-afkw-f7bt
25
vulnerability VCID-fczw-59xy-83c6
26
vulnerability VCID-g1vx-bcxw-mqfg
27
vulnerability VCID-g5qe-8p8p-3kd6
28
vulnerability VCID-g8g3-ts9j-8uab
29
vulnerability VCID-ge2m-my5w-z3eb
30
vulnerability VCID-gns3-z8js-4fef
31
vulnerability VCID-gzmm-8kvw-6qbv
32
vulnerability VCID-ha8v-pqwf-r3a1
33
vulnerability VCID-hmqc-xunp-myap
34
vulnerability VCID-hse5-y15y-n3dw
35
vulnerability VCID-hu66-jpbe-dfhn
36
vulnerability VCID-jzk9-kyvp-5qdz
37
vulnerability VCID-jzn6-bzzf-nugp
38
vulnerability VCID-k8ae-fc4a-gycy
39
vulnerability VCID-kbba-6c9u-tygk
40
vulnerability VCID-kgja-5xxj-1ucg
41
vulnerability VCID-m6qv-m21j-g3cj
42
vulnerability VCID-mpex-kz3k-97aq
43
vulnerability VCID-myec-kc76-9bc1
44
vulnerability VCID-nrj6-k3qf-2ubp
45
vulnerability VCID-p5ps-aad3-que9
46
vulnerability VCID-qt1x-kyuf-gker
47
vulnerability VCID-qx5k-n11s-rucg
48
vulnerability VCID-rwzw-vrhk-sqfw
49
vulnerability VCID-sv83-ggsr-27au
50
vulnerability VCID-t1sg-4bvj-qqfk
51
vulnerability VCID-tqd9-nyt5-13e7
52
vulnerability VCID-tur1-ruxr-yqe3
53
vulnerability VCID-u21t-acnr-dub2
54
vulnerability VCID-u4sn-d8j6-bkdx
55
vulnerability VCID-u8z5-76zk-hqah
56
vulnerability VCID-ubjj-qb2c-n3d4
57
vulnerability VCID-v1vq-wecd-1ud9
58
vulnerability VCID-v27n-4vt2-rffw
59
vulnerability VCID-vj3u-a1c3-6qe5
60
vulnerability VCID-vrgz-eguk-k3dy
61
vulnerability VCID-wkpy-uwex-93db
62
vulnerability VCID-wx7h-g53d-67eh
63
vulnerability VCID-yrvb-stza-yfdp
64
vulnerability VCID-yrzy-er8x-c3ad
65
vulnerability VCID-ytkr-ev34-buhd
66
vulnerability VCID-z21r-z4zr-p3ex
67
vulnerability VCID-zncv-645p-f3gn
68
vulnerability VCID-zxw6-2um9-23e7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/openssh@1:3.4p1-1.woody.3
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0190.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2003-0190.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2003-0190
reference_id
reference_type
scores
0
value 0.22646
scoring_system epss
scoring_elements 0.95821
published_at 2026-04-01T12:55:00Z
1
value 0.22646
scoring_system epss
scoring_elements 0.95829
published_at 2026-04-02T12:55:00Z
2
value 0.22646
scoring_system epss
scoring_elements 0.95838
published_at 2026-04-04T12:55:00Z
3
value 0.22646
scoring_system epss
scoring_elements 0.9584
published_at 2026-04-07T12:55:00Z
4
value 0.22646
scoring_system epss
scoring_elements 0.95848
published_at 2026-04-08T12:55:00Z
5
value 0.22646
scoring_system epss
scoring_elements 0.95852
published_at 2026-04-09T12:55:00Z
6
value 0.22646
scoring_system epss
scoring_elements 0.95855
published_at 2026-04-12T12:55:00Z
7
value 0.22646
scoring_system epss
scoring_elements 0.95856
published_at 2026-04-13T12:55:00Z
8
value 0.22646
scoring_system epss
scoring_elements 0.95868
published_at 2026-04-16T12:55:00Z
9
value 0.22646
scoring_system epss
scoring_elements 0.95873
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2003-0190
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0190
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2003-0190
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1616997
reference_id 1616997
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1616997
4
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=196413
reference_id 196413
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=196413
5
reference_url http://lab.mediaservice.net/advisory/2003-01-openssh.txt
reference_id OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url http://lab.mediaservice.net/advisory/2003-01-openssh.txt
6
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25.c
reference_id OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/25.c
7
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26.sh
reference_id OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/26.sh
8
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/3303.sh
reference_id OSVDB-32721;CVE-2006-5229;OSVDB-2140;CVE-2003-0190
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/3303.sh
9
reference_url https://access.redhat.com/errata/RHSA-2003:222
reference_id RHSA-2003:222
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:222
10
reference_url https://access.redhat.com/errata/RHSA-2003:224
reference_id RHSA-2003:224
reference_type
scores
url https://access.redhat.com/errata/RHSA-2003:224
11
reference_url https://usn.ubuntu.com/34-1/
reference_id USN-34-1
reference_type
scores
url https://usn.ubuntu.com/34-1/
Weaknesses
Exploits
0
date_added 2007-02-12
description Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2007-02-13
exploit_type remote
platform multiple
source_date_updated 2016-09-27
data_source Exploit-DB
source_url
1
date_added null
description 
This module uses a malformed packet or timing attack to enumerate users on
          an OpenSSH server.

          The default action sends a malformed (corrupted) SSH_MSG_USERAUTH_REQUEST
          packet using public key authentication (must be enabled) to enumerate users.

          On some versions of OpenSSH under some configurations, OpenSSH will return a
          "permission denied" error for an invalid user faster than for a valid user,
          creating an opportunity for a timing attack to enumerate users.

          Testing note: invalid users were logged, while valid users were not. YMMV.
required_action null
due_date null
notes 
Stability:
  - crash-service-down
Reliability: []
SideEffects:
  - ioc-in-logs
  - account-lockouts
known_ransomware_campaign_use false
source_date_published null
exploit_type null
platform
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssh/ssh_enumusers.rb
Severity_range_scorenull
Exploitability2.0
Weighted_severity0.2
Risk_score0.4
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-1pq3-ktfr-vqa4