- Home
- CVEs with nessus.description==Several+remote+vulnerabilities+have+been+discovered+in+OpenSSH%2C+a+free+implementation+of+the+Secure+Shell+protocol%2C+which+may+lead+to+denial+of+service+and+potentially+the+execution+of+arbitrary+code.+The+Common+Vulnerabilities+and+Exposures+project+identifies+the+following+problems+%3A%0A%0A++-+CVE-2006-4924+++++Tavis+Ormandy+of+the+Google+Security+Team+discovered+a+++++denial+of+service+vulnerability+in+the+mitigation+code+++++against+complexity+attacks%2C+which+might+lead+to+++++increased+CPU+consumption+until+a+timeout+is+triggered.%0A++++This+is+only+exploitable+if+support+for+SSH+protocol+++++version+1+is+enabled.%0A%0A++-+CVE-2006-5051+++++Mark+Dowd+discovered+that+insecure+signal+handler+usage+++++could+potentially+lead+to+execution+of+arbitrary+code+++++through+a+double+free.+The+Debian+Security+Team+doesn%27t+++++believe+the+general+openssh+package+without+Kerberos+++++support+to+be+exploitable+by+this+issue.+However%2C+due+to+++++the+complexity+of+the+underlying+code+we+will+issue+an+++++update+to+rule+out+all+eventualities
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top