5

CVE-2005-2798

sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenssh Version3.0
OpenbsdOpenssh Version3.0.1
OpenbsdOpenssh Version3.0.1p1
OpenbsdOpenssh Version3.0.2
OpenbsdOpenssh Version3.0.2p1
OpenbsdOpenssh Version3.0p1
OpenbsdOpenssh Version3.1
OpenbsdOpenssh Version3.1p1
OpenbsdOpenssh Version3.2
OpenbsdOpenssh Version3.2.2p1
OpenbsdOpenssh Version3.2.3p1
OpenbsdOpenssh Version3.3
OpenbsdOpenssh Version3.3p1
OpenbsdOpenssh Version3.4
OpenbsdOpenssh Version3.4p1
OpenbsdOpenssh Version3.5
OpenbsdOpenssh Version3.5p1
OpenbsdOpenssh Version3.6
OpenbsdOpenssh Version3.6.1
OpenbsdOpenssh Version3.6.1p1
OpenbsdOpenssh Version3.6.1p2
OpenbsdOpenssh Version3.7
OpenbsdOpenssh Version3.7.1
OpenbsdOpenssh Version3.7.1p2
OpenbsdOpenssh Version3.8
OpenbsdOpenssh Version3.8.1
OpenbsdOpenssh Version3.8.1p1
OpenbsdOpenssh Version3.9
OpenbsdOpenssh Version3.9.1
OpenbsdOpenssh Version3.9.1p1
OpenbsdOpenssh Version4.0p1
OpenbsdOpenssh Version4.1p1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.3% 0.81
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html
http://secunia.com/advisories/18717
http://secunia.com/advisories/18406
http://secunia.com/advisories/18507
http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
http://www.securityfocus.com/archive/1/421411/100/0/threaded
http://www.vupen.com/english/advisories/2006/0144
https://exchange.xforce.ibmcloud.com/vulnerabilities/24064
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt
http://secunia.com/advisories/16686
Patch
Vendor Advisory
http://secunia.com/advisories/18010
http://secunia.com/advisories/18661
http://securitytracker.com/id?1014845
http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm
http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html
http://secunia.com/advisories/17077
http://secunia.com/advisories/17245
http://www.mandriva.com/security/advisories?name=MDKSA-2005:172
http://www.osvdb.org/19141
http://www.redhat.com/support/errata/RHSA-2005-527.html
http://www.securityfocus.com/bid/14729
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717
https://usn.ubuntu.com/209-1/