Search for vulnerabilities
Vulnerability details: VCID-5ws3-cxqc-aaar
Vulnerability ID VCID-5ws3-cxqc-aaar
Aliases CVE-2000-0992
Summary Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
Status Published
Exploitability 2.0
Weighted Severity 4.5
Risk 9.0
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00770 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00868 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00868 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00868 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.00868 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.02826 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
epss 0.0374 https://api.first.org/data/v1/epss?cve=CVE-2000-0992
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2000-0992
Reference id Reference type URL
http://archives.neohapsis.com/archives/bugtraq/2000-09/0359.html
http://frontal2.mandriva.com/security/advisories?name=MDKSA-2000:057
https://api.first.org/data/v1/epss?cve=CVE-2000-0992
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2000-0992
https://exchange.xforce.ibmcloud.com/vulnerabilities/5312
http://www.securityfocus.com/bid/1742
270770 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=270770
cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.14:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.14:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.15:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.15:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.16:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.16:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.17:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.17:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.18:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.18:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.19:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.20:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.20:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.21:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.22:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.22:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.23:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.23:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.24:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.25:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.26:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.27:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.28:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.29:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.30:*:*:*:*:*:*:*
cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:ssh:ssh:1.2.31:*:*:*:*:*:*:*
CVE-2000-0992 https://nvd.nist.gov/vuln/detail/CVE-2000-0992
CVE-2000-0992;OSVDB-1586 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/linux/remote/20253.sh
CVE-2000-0992;OSVDB-1586 Exploit https://www.securityfocus.com/bid/1742/info
Data source Exploit-DB
Date added Sept. 30, 2000
Description OpenSSH 1.2 - '.scp' File Create/Overwrite
Ransomware campaign use Known
Source publication date Sept. 30, 2000
Exploit type remote
Platform linux
Source update date Aug. 5, 2012
Source URL https://www.securityfocus.com/bid/1742/info
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2000-0992
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.81694
EPSS Score 0.00770
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.