ID CVE-2011-5000
Summary The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
References
Vulnerable Configurations
  • cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:-:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:1.2.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p3:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.1.1:p4:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.2.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.5.2:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9.9p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:2.9p2:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.0.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.0.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.2.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.2.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.4:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.5:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.6.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.6.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.7.1:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.7.1:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.8.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.8.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:3.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:3.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.3:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.3:p2:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.4:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.5:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.5:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.5:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.6:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.6:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.6:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.7p1:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.8:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.8:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.8:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.9:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.9:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:4.9:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:4.9:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.0:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.0:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.0:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.1:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.1:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.1:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.1:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.2:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.2:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.2:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.2:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.3:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.3:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.3:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.3:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.4:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.4:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.5:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.5:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.6:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.6:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.7:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.7:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:-:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:-:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*
  • cpe:2.3:a:openbsd:openssh:5.8:p2:*:*:*:*:*:*
    cpe:2.3:a:openbsd:openssh:5.8:p2:*:*:*:*:*:*
CVSS
Base: 3.5 (as of 22-07-2012 - 03:33)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:S/C:N/I:N/A:P
redhat via4
advisories
bugzilla
id 809938
title CVE-2011-5000 openssh: post-authentication resource exhaustion bug via GSSAPI
oval
AND
  • OR
    • comment Red Hat Enterprise Linux 6 Client is installed
      oval oval:com.redhat.rhba:tst:20111656001
    • comment Red Hat Enterprise Linux 6 Server is installed
      oval oval:com.redhat.rhba:tst:20111656002
    • comment Red Hat Enterprise Linux 6 Workstation is installed
      oval oval:com.redhat.rhba:tst:20111656003
    • comment Red Hat Enterprise Linux 6 ComputeNode is installed
      oval oval:com.redhat.rhba:tst:20111656004
  • OR
    • AND
      • comment openssh is earlier than 0:5.3p1-81.el6
        oval oval:com.redhat.rhsa:tst:20120884005
      • comment openssh is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20120884006
    • AND
      • comment openssh-askpass is earlier than 0:5.3p1-81.el6
        oval oval:com.redhat.rhsa:tst:20120884007
      • comment openssh-askpass is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20120884008
    • AND
      • comment openssh-clients is earlier than 0:5.3p1-81.el6
        oval oval:com.redhat.rhsa:tst:20120884013
      • comment openssh-clients is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20120884014
    • AND
      • comment openssh-ldap is earlier than 0:5.3p1-81.el6
        oval oval:com.redhat.rhsa:tst:20120884011
      • comment openssh-ldap is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20120884012
    • AND
      • comment openssh-server is earlier than 0:5.3p1-81.el6
        oval oval:com.redhat.rhsa:tst:20120884015
      • comment openssh-server is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20120884016
    • AND
      • comment pam_ssh_agent_auth is earlier than 0:0.9-81.el6
        oval oval:com.redhat.rhsa:tst:20120884009
      • comment pam_ssh_agent_auth is signed with Red Hat redhatrelease2 key
        oval oval:com.redhat.rhsa:tst:20120884010
rhsa
id RHSA-2012:0884
released 2012-06-20
severity Low
title RHSA-2012:0884: openssh security, bug fix, and enhancement update (Low)
rpms
  • openssh-0:5.3p1-81.el6
  • openssh-askpass-0:5.3p1-81.el6
  • openssh-clients-0:5.3p1-81.el6
  • openssh-ldap-0:5.3p1-81.el6
  • openssh-server-0:5.3p1-81.el6
  • pam_ssh_agent_auth-0:0.9-81.el6
refmap via4
fulldisc 20110801 Useless OpenSSH resources exhausion bug via GSSAPI
misc http://site.pi3.com.pl/adv/ssh_1.txt
Last major update 22-07-2012 - 03:33
Published 05-04-2012 - 14:55
Back to Top