7.5

CVE-2006-5794

EPSS 3.25%
Published 08.11.2006 20:07:00
Last modified 09.04.2025 00:30:58
Source secalert@redhat.com
Teams watchlist Login
Open Login

Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.

Affected products Warnungen 0 Metrics 2 CWE 0 References 32

Data is provided by the National Vulnerability Database (NVD)

Openbsd ≫ Openssh Version <= 4.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	3.25%	0.867

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7.5	10	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P

http://secunia.com/advisories/23680

http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html

http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html

http://secunia.com/advisories/22932

http://www.novell.com/linux/security/advisories/2006_26_sr.html

http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227

http://secunia.com/advisories/22772

ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc

http://rhn.redhat.com/errata/RHSA-2006-0738.html

http://secunia.com/advisories/22771

Patch

Vendor Advisory

http://secunia.com/advisories/22773

Patch

Vendor Advisory

http://secunia.com/advisories/22778

http://secunia.com/advisories/22814

http://secunia.com/advisories/22872

http://secunia.com/advisories/23513

http://secunia.com/advisories/24055

http://securitytracker.com/id?1017183

http://sourceforge.net/project/shownotes.php?release_id=461854&group_id=69227

http://support.avaya.com/elmodocs2/security/ASA-2007-048.htm

http://www.mandriva.com/security/advisories?name=MDKSA-2006:204

http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.032-openssh.html

http://www.openssh.org/txt/release-4.5

http://www.securityfocus.com/archive/1/451100/100/0/threaded

http://www.securityfocus.com/bid/20956

Patch

http://www.vupen.com/english/advisories/2006/4399

http://www.vupen.com/english/advisories/2006/4400

https://exchange.xforce.ibmcloud.com/vulnerabilities/30120

https://issues.rpath.com/browse/RPL-766

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11840

https://nvd.nist.gov/vuln/detail/CVE-2006-5794

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2006-5794

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2006-5794

EUVD