CVE-2002-1358
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2002-1358
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
多个SSH2服务器客户端非法列表拒绝服务攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
SSH协议可以使客户端和服务端之间建立加密通信。Rapid7开发了SSHredde测试工具,针对连接初始化,KEY交换,SSH传输层协议密码字段协商等过程进行详细测试。 在测试过程中发现多个SSH2服务器和客户端不正确处理包含空元素或者字符串的列表,远程攻击者可以利用这个漏洞进行拒绝服务攻击或可能以进程权限执行任意代码。 目前没有更详细的漏洞细节。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2002-1358
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2002-1358
Please Login to view more intelligence information
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5721vdb-entrysignaturex_refsource_OVAL
- https://nvd.nist.gov/vuln/detail/CVE-2002-1358
Same Patch Batch · n/a · 2002-12-17 · 11 CVEs total
| CVE-2002-1258 | Microsoft Java虚拟机CODEBASE参数文件泄露漏洞(MS02-069) | |
| CVE-2002-1345 | 多家厂商FTP客户端文件覆盖漏洞 | |
| CVE-2002-1355 | Ethereal BGP解析器无限循环远程拒绝服务攻击漏洞 | |
| CVE-2002-1356 | Ethereal LMP解析器畸形包内存破坏漏洞 | |
| CVE-2002-1357 | 多个SSH2服务器客户端非法包长度缓冲区溢出漏洞 | |
| CVE-2002-1359 | 多个SSH2服务器客户端超长字段远程缓冲区溢出漏洞 | |
| CVE-2002-1360 | 多个SSH2服务器客户端NULL字符远程缓冲区溢出漏洞 | |
| CVE-2002-1376 | Oracle MySQL libmysqlclient库缓冲区错误漏洞 | |
| CVE-2002-1378 | OpenLDAP多个远程缓冲区溢出漏洞 | |
| CVE-2002-1379 | OpenLDAP多个未明任意代码执行漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-8187
Open5GS UPF gtp-path.c _gtpv1_u_recv_cb resource consumption - CVE-2026-6667
PgBouncer missing authorization check in KILL_CLIENT admin c - CVE-2026-6666
PgBouncer crash in kill_pool_logins_server_error - CVE-2026-6665
PgBouncer buffer overflow in SCRAM
V. Comments for CVE-2002-1358
No comments yet