CVE-2004-0175

Impact:
Low
Public Date:
2000-09-01

The MITRE CVE dictionary describes this issue as:

Directory traversal vulnerability in scp for OpenSSH before 3.4p1 allows remote malicious servers to overwrite arbitrary files. NOTE: this may be a rediscovery of CVE-2000-0992.

Find out more about CVE-2004-0175 from the MITRE CVE dictionary dictionary and NIST NVD.

Statement

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux version 2.1 (openssh) RHSA-2005:481 2005-06-02
Red Hat Enterprise Linux version 3 (krb5) RHSA-2005:562 2005-07-12
Red Hat Enterprise Linux version 4 (krb5) RHSA-2005:567 2005-07-12
Red Hat Enterprise Linux version 2.1 (krb5) RHSA-2005:562 2005-07-12
Red Hat Enterprise Linux version 3 (rsh) RHSA-2005:074 2005-05-18
Red Hat Enterprise Linux version 4 (rsh) RHSA-2005:165 2005-06-08
Red Hat Enterprise Linux version 3 (openssh) RHSA-2005:106 2005-05-18
Red Hat Enterprise Linux version 2.1 (rsh) RHSA-2005:495 2005-06-13

Acknowledgements

Red Hat would like to thank the MIT Kerberos Development Team for their responsible disclosure of this issue.