Search for vulnerabilities
Vulnerability details: VCID-vdtc-emcv-aaaq
Vulnerability ID VCID-vdtc-emcv-aaaq
Aliases CVE-2004-0175
Summary Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
System Score Found at
rhas Low https://access.redhat.com/errata/RHSA-2005:074
rhas Low https://access.redhat.com/errata/RHSA-2005:106
rhas Low https://access.redhat.com/errata/RHSA-2005:165
rhas Low https://access.redhat.com/errata/RHSA-2005:481
rhas Low https://access.redhat.com/errata/RHSA-2005:495
rhas Critical https://access.redhat.com/errata/RHSA-2005:562
rhas Important https://access.redhat.com/errata/RHSA-2005:567
epss 0.00254 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00306 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00361 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00434 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00434 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00434 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00434 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
epss 0.00438 https://api.first.org/data/v1/epss?cve=CVE-2004-0175
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1617166
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2004-0175
Reference id Reference type URL
ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.11/SCOSA-2006.11.txt
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000831
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2004-0175.json
https://api.first.org/data/v1/epss?cve=CVE-2004-0175
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=120147
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0175
http://secunia.com/advisories/17135
http://secunia.com/advisories/19243
https://exchange.xforce.ibmcloud.com/vulnerabilities/16323
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10184
http://www.ciac.org/ciac/bulletins/o-212.shtml
http://www.juniper.net/support/security/alerts/adv59739.txt
http://www.mandriva.com/security/advisories?name=MDKSA-2005:100
http://www.mandriva.com/security/advisories?name=MDVSA-2008:191
http://www.novell.com/linux/security/advisories/2004_09_kernel.html
http://www.osvdb.org/9550
http://www.redhat.com/support/errata/RHSA-2005-074.html
http://www.redhat.com/support/errata/RHSA-2005-106.html
http://www.redhat.com/support/errata/RHSA-2005-165.html
http://www.redhat.com/support/errata/RHSA-2005-481.html
http://www.redhat.com/support/errata/RHSA-2005-495.html
http://www.redhat.com/support/errata/RHSA-2005-562.html
http://www.redhat.com/support/errata/RHSA-2005-567.html
http://www.securityfocus.com/bid/9986
1617166 https://bugzilla.redhat.com/show_bug.cgi?id=1617166
270770 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=270770
cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
CVE-2004-0175 https://nvd.nist.gov/vuln/detail/CVE-2004-0175
RHSA-2005:074 https://access.redhat.com/errata/RHSA-2005:074
RHSA-2005:106 https://access.redhat.com/errata/RHSA-2005:106
RHSA-2005:165 https://access.redhat.com/errata/RHSA-2005:165
RHSA-2005:481 https://access.redhat.com/errata/RHSA-2005:481
RHSA-2005:495 https://access.redhat.com/errata/RHSA-2005:495
RHSA-2005:562 https://access.redhat.com/errata/RHSA-2005:562
RHSA-2005:567 https://access.redhat.com/errata/RHSA-2005:567
No exploits are available.
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2004-0175
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.65743
EPSS Score 0.00254
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.