CVE-2002-0639 — CRITICAL severity vulnerability (Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows)
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
| CVE ID | CVE-2002-0639 |
|---|---|
| Severity | CRITICAL |
| CVSS score | 9.8 |
| CVSS vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| CWE | CWE-190 |
| Status | Modified |
| Published | 2002-07-03 |
| Last modified | 2026-04-16 |
| Description | Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. |
| Source | NIST National Vulnerability Database |
🔍 Search all vulnerabilities →
$999/mo
Try CVECheck →