7.5

CVE-2006-5794

EPSS 2.24%
Veröffentlicht 08.11.2006 20:07:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secalert@redhat.com
CVE-Watchlists
Login
Unerledigt
Login

Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 32

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Openbsd ≫ Openssh Version <= 4.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	2.24%	0.841

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/23680

http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html

http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html

http://secunia.com/advisories/22932

http://www.novell.com/linux/security/advisories/2006_26_sr.html

http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227

http://secunia.com/advisories/22772

ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc

http://rhn.redhat.com/errata/RHSA-2006-0738.html

http://secunia.com/advisories/22771

Patch

Vendor Advisory

http://secunia.com/advisories/22773

Patch

Vendor Advisory

http://secunia.com/advisories/22778

http://secunia.com/advisories/22814

http://secunia.com/advisories/22872

http://secunia.com/advisories/23513

http://secunia.com/advisories/24055

http://securitytracker.com/id?1017183

http://sourceforge.net/project/shownotes.php?release_id=461854&group_id=69227

http://support.avaya.com/elmodocs2/security/ASA-2007-048.htm

http://www.mandriva.com/security/advisories?name=MDKSA-2006:204

http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.032-openssh.html

http://www.openssh.org/txt/release-4.5

http://www.securityfocus.com/archive/1/451100/100/0/threaded

http://www.securityfocus.com/bid/20956

Patch

http://www.vupen.com/english/advisories/2006/4399

http://www.vupen.com/english/advisories/2006/4400

https://exchange.xforce.ibmcloud.com/vulnerabilities/30120

https://issues.rpath.com/browse/RPL-766

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11840

https://nvd.nist.gov/vuln/detail/CVE-2006-5794

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5794

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5794

EUVD