5

CVE-2006-5052

Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OpenbsdOpenssh Version1.2
OpenbsdOpenssh Version1.2.1
OpenbsdOpenssh Version1.2.2
OpenbsdOpenssh Version1.2.3
OpenbsdOpenssh Version1.2.27
OpenbsdOpenssh Version2.1
OpenbsdOpenssh Version2.1.1
OpenbsdOpenssh Version2.2
OpenbsdOpenssh Version2.3
OpenbsdOpenssh Version2.5
OpenbsdOpenssh Version2.5.1
OpenbsdOpenssh Version2.5.2
OpenbsdOpenssh Version2.9
OpenbsdOpenssh Version2.9.9
OpenbsdOpenssh Version2.9.9p2
OpenbsdOpenssh Version2.9p1
OpenbsdOpenssh Version2.9p2
OpenbsdOpenssh Version3.0
OpenbsdOpenssh Version3.0.1
OpenbsdOpenssh Version3.0.1p1
OpenbsdOpenssh Version3.0.2
OpenbsdOpenssh Version3.0.2p1
OpenbsdOpenssh Version3.0p1
OpenbsdOpenssh Version3.1
OpenbsdOpenssh Version3.1p1
OpenbsdOpenssh Version3.2
OpenbsdOpenssh Version3.2.2
OpenbsdOpenssh Version3.2.2p1
OpenbsdOpenssh Version3.2.3p1
OpenbsdOpenssh Version3.3
OpenbsdOpenssh Version3.3p1
OpenbsdOpenssh Version3.4
OpenbsdOpenssh Version3.4p1
OpenbsdOpenssh Version3.5
OpenbsdOpenssh Version3.5p1
OpenbsdOpenssh Version3.6
OpenbsdOpenssh Version3.6.1
OpenbsdOpenssh Version3.6.1p1
OpenbsdOpenssh Version3.6.1p2
OpenbsdOpenssh Version3.7
OpenbsdOpenssh Version3.7.1
OpenbsdOpenssh Version3.7.1p1
OpenbsdOpenssh Version3.7.1p2
OpenbsdOpenssh Version3.8
OpenbsdOpenssh Version3.8.1
OpenbsdOpenssh Version3.8.1p1
OpenbsdOpenssh Version3.9
OpenbsdOpenssh Version3.9.1
OpenbsdOpenssh Version3.9.1p1
OpenbsdOpenssh Version4.0
OpenbsdOpenssh Version4.0p1
OpenbsdOpenssh Version4.1p1
OpenbsdOpenssh Version4.2
OpenbsdOpenssh Version4.2p1
OpenbsdOpenssh Version4.3
OpenbsdOpenssh Version4.3p1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.8% 0.846
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:P/I:N/A:N
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://docs.info.apple.com/article.html?artnum=305214
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
http://secunia.com/advisories/24479
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
US Government Resource
http://www.vupen.com/english/advisories/2007/0930
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
http://secunia.com/advisories/22158
Patch
Vendor Advisory
http://secunia.com/advisories/22495
http://secunia.com/advisories/22823
http://security.gentoo.org/glsa/glsa-200611-06.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566
Patch
http://www.novell.com/linux/security/advisories/2006_62_openssh.html
http://openssh.org/txt/release-4.4
http://secunia.com/advisories/22173
Patch
Vendor Advisory
http://rhn.redhat.com/errata/RHSA-2006-0697.html
Patch
http://secunia.com/advisories/27588
http://secunia.com/advisories/28320
http://securitytracker.com/id?1016939
Patch
http://support.avaya.com/elmodocs2/security/ASA-2007-527.htm
http://www.osvdb.org/29266
http://www.redhat.com/support/errata/RHSA-2007-0540.html
http://www.redhat.com/support/errata/RHSA-2007-0703.html
http://www.securityfocus.com/archive/1/447861/100/200/threaded
http://www.securityfocus.com/bid/20245
Patch
https://exchange.xforce.ibmcloud.com/vulnerabilities/29255
https://issues.rpath.com/browse/RPL-681
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10178