cve-2006-5051
Vulnerability from cvelistv5
Published
2006-09-27 23:00
Modified
2024-08-07 19:32
Severity ?
Summary
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
References
secalert@redhat.comftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.ascBroken Link
secalert@redhat.comftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.ascBroken Link
secalert@redhat.comhttp://docs.info.apple.com/article.html?artnum=305214Broken Link
secalert@redhat.comhttp://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlMailing List
secalert@redhat.comhttp://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.htmlMailing List
secalert@redhat.comhttp://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2Mailing List
secalert@redhat.comhttp://openssh.org/txt/release-4.4Release Notes
secalert@redhat.comhttp://secunia.com/advisories/22158Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22173Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22183Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22196Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22208Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22236Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22245Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22270Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22352Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22362Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22487Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22495Broken Link
secalert@redhat.comhttp://secunia.com/advisories/22823Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/22926Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/23680Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/24479Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/24799Broken Link, Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/24805Broken Link, Vendor Advisory
secalert@redhat.comhttp://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.ascThird Party Advisory
secalert@redhat.comhttp://security.gentoo.org/glsa/glsa-200611-06.xmlThird Party Advisory
secalert@redhat.comhttp://securitytracker.com/id?1016940Broken Link, Third Party Advisory, VDB Entry
secalert@redhat.comhttp://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566Broken Link
secalert@redhat.comhttp://sourceforge.net/forum/forum.php?forum_id=681763Broken Link
secalert@redhat.comhttp://support.avaya.com/elmodocs2/security/ASA-2006-216.htmThird Party Advisory
secalert@redhat.comhttp://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.htmlBroken Link
secalert@redhat.comhttp://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdfBroken Link
secalert@redhat.comhttp://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdfBroken Link
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1189Mailing List
secalert@redhat.comhttp://www.debian.org/security/2006/dsa-1212Broken Link
secalert@redhat.comhttp://www.kb.cert.org/vuls/id/851340Third Party Advisory, US Government Resource
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDKSA-2006:179Third Party Advisory
secalert@redhat.comhttp://www.novell.com/linux/security/advisories/2006_62_openssh.htmlBroken Link
secalert@redhat.comhttp://www.openbsd.org/errata.html#sshRelease Notes
secalert@redhat.comhttp://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.htmlBroken Link
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2024/07/01/3
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2024/07/28/3
secalert@redhat.comhttp://www.osvdb.org/29264Broken Link
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0697.htmlBroken Link
secalert@redhat.comhttp://www.redhat.com/support/errata/RHSA-2006-0698.htmlBroken Link
secalert@redhat.comhttp://www.securityfocus.com/bid/20241Broken Link, Third Party Advisory, VDB Entry
secalert@redhat.comhttp://www.ubuntu.com/usn/usn-355-1Broken Link
secalert@redhat.comhttp://www.us-cert.gov/cas/techalerts/TA07-072A.htmlThird Party Advisory, US Government Resource
secalert@redhat.comhttp://www.vmware.com/support/vi3/doc/esx-3069097-patch.htmlBroken Link
secalert@redhat.comhttp://www.vmware.com/support/vi3/doc/esx-9986131-patch.htmlBroken Link
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/4018Broken Link
secalert@redhat.comhttp://www.vupen.com/english/advisories/2006/4329Broken Link
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/0930Broken Link
secalert@redhat.comhttp://www.vupen.com/english/advisories/2007/1332Broken Link
secalert@redhat.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/29254Third Party Advisory, VDB Entry
secalert@redhat.comhttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387Broken Link
secalert@redhat.comhttps://www.openwall.com/lists/oss-security/2024/07/28/3
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.ascBroken Link
af854a3a-2127-422b-91ae-364da2661108ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.ascBroken Link
af854a3a-2127-422b-91ae-364da2661108http://docs.info.apple.com/article.html?artnum=305214Broken Link
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.htmlMailing List
af854a3a-2127-422b-91ae-364da2661108http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.htmlMailing List
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2Mailing List
af854a3a-2127-422b-91ae-364da2661108http://openssh.org/txt/release-4.4Release Notes
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22158Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22173Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22183Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22196Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22208Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22236Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22245Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22270Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22352Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22362Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22487Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22495Broken Link
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22823Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/22926Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/23680Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24479Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24799Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24805Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.ascThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200611-06.xmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1016940Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566Broken Link
af854a3a-2127-422b-91ae-364da2661108http://sourceforge.net/forum/forum.php?forum_id=681763Broken Link
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/elmodocs2/security/ASA-2006-216.htmThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdfBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdfBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1189Mailing List
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2006/dsa-1212Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/851340Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDKSA-2006:179Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/linux/security/advisories/2006_62_openssh.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.openbsd.org/errata.html#sshRelease Notes
af854a3a-2127-422b-91ae-364da2661108http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/07/01/3
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2024/07/28/3
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/29264Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0697.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2006-0698.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/20241Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/usn-355-1Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA07-072A.htmlThird Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/vi3/doc/esx-3069097-patch.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vmware.com/support/vi3/doc/esx-9986131-patch.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4018Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/4329Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0930Broken Link
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/1332Broken Link
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/29254Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387Broken Link
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2024/07/28/3
Impacted products
Vendor Product Version
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:32:23.380Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FreeBSD-SA-06:22",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://sourceforge.net/forum/forum.php?forum_id=681763"
          },
          {
            "name": "22270",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22270"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf"
          },
          {
            "name": "USN-355-1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/usn-355-1"
          },
          {
            "name": "[freebsd-security] 20061002 FreeBSD Security Advisory FreeBSD-SA-06:22.openssh",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
          },
          {
            "name": "oval:org.mitre.oval:def:11387",
            "tags": [
              "vdb-entry",
              "signature",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://openssh.org/txt/release-4.4"
          },
          {
            "name": "24805",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24805"
          },
          {
            "name": "VU#851340",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://www.kb.cert.org/vuls/id/851340"
          },
          {
            "name": "[2.9] 015: SECURITY FIX: October 12, 2006",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.openbsd.org/errata.html#ssh"
          },
          {
            "name": "22487",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22487"
          },
          {
            "name": "TA07-072A",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf"
          },
          {
            "name": "GLSA-200611-06",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200611-06.xml"
          },
          {
            "name": "SUSE-SA:2006:062",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.novell.com/linux/security/advisories/2006_62_openssh.html"
          },
          {
            "name": "22362",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22362"
          },
          {
            "name": "23680",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/23680"
          },
          {
            "name": "APPLE-SA-2007-03-13",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=305214"
          },
          {
            "name": "22352",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22352"
          },
          {
            "name": "ADV-2006-4329",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4329"
          },
          {
            "name": "22236",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22236"
          },
          {
            "name": "24799",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24799"
          },
          {
            "name": "ADV-2006-4018",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/4018"
          },
          {
            "name": "22495",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22495"
          },
          {
            "name": "openssh-signal-handler-race-condition(29254)",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29254"
          },
          {
            "name": "20241",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/20241"
          },
          {
            "name": "ADV-2007-1332",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/1332"
          },
          {
            "name": "29264",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/29264"
          },
          {
            "name": "22823",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22823"
          },
          {
            "name": "FreeBSD-SA-06:22.openssh",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc"
          },
          {
            "name": "SSA:2006-272-02",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.592566"
          },
          {
            "name": "RHSA-2006:0697",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0697.html"
          },
          {
            "name": "OpenPKG-SA-2006.022",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html"
          },
          {
            "name": "22183",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22183"
          },
          {
            "name": "[openssh-unix-dev] 20060927 Announce: OpenSSH 4.4 released",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=openssh-unix-dev\u0026m=115939141729160\u0026w=2"
          },
          {
            "name": "ADV-2007-0930",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/0930"
          },
          {
            "name": "[security-announce] 20070409 Globus Security Advisory 2007-02: GSI-OpenSSH vulnerability",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html"
          },
          {
            "name": "22926",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22926"
          },
          {
            "name": "22173",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22173"
          },
          {
            "name": "1016940",
            "tags": [
              "vdb-entry",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1016940"
          },
          {
            "name": "22208",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22208"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
          },
          {
            "name": "22245",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22245"
          },
          {
            "name": "20061001-01-P",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
          },
          {
            "name": "22196",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22196"
          },
          {
            "name": "DSA-1212",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1212"
          },
          {
            "name": "RHSA-2006:0698",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2006-0698.html"
          },
          {
            "name": "22158",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/22158"
          },
          {
            "name": "MDKSA-2006:179",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:179"
          },
          {
            "name": "DSA-1189",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2006/dsa-1189"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm"
          },
          {
            "name": "24479",
            "tags": [
              "third-party-advisory",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/24479"
          },
          {
            "name": "[oss-security] 20240701 CVE-2024-6387: RCE in OpenSSH\u0027s server, on glibc-based Linux systems",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/3"
          },
          {
            "name": "[oss-security] 20240728 Re: Announce: OpenSSH 9.8 released",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2024/07/28/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-09-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-29T00:34:17.921429",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FreeBSD-SA-06:22",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc"
        },
        {
          "url": "http://sourceforge.net/forum/forum.php?forum_id=681763"
        },
        {
          "name": "22270",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22270"
        },
        {
          "url": "http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf"
        },
        {
          "name": "USN-355-1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.ubuntu.com/usn/usn-355-1"
        },
        {
          "name": "[freebsd-security] 20061002 FreeBSD Security Advisory FreeBSD-SA-06:22.openssh",
          "tags": [
            "mailing-list"
          ],
          "url": "http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html"
        },
        {
          "url": "http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html"
        },
        {
          "name": "oval:org.mitre.oval:def:11387",
          "tags": [
            "vdb-entry",
            "signature"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387"
        },
        {
          "url": "http://openssh.org/txt/release-4.4"
        },
        {
          "name": "24805",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/24805"
        },
        {
          "name": "VU#851340",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://www.kb.cert.org/vuls/id/851340"
        },
        {
          "name": "[2.9] 015: SECURITY FIX: October 12, 2006",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.openbsd.org/errata.html#ssh"
        },
        {
          "name": "22487",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22487"
        },
        {
          "name": "TA07-072A",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-072A.html"
        },
        {
          "url": "http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf"
        },
        {
          "name": "GLSA-200611-06",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200611-06.xml"
        },
        {
          "name": "SUSE-SA:2006:062",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.novell.com/linux/security/advisories/2006_62_openssh.html"
        },
        {
          "name": "22362",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22362"
        },
        {
          "name": "23680",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/23680"
        },
        {
          "name": "APPLE-SA-2007-03-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html"
        },
        {
          "url": "http://docs.info.apple.com/article.html?artnum=305214"
        },
        {
          "name": "22352",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22352"
        },
        {
          "name": "ADV-2006-4329",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4329"
        },
        {
          "name": "22236",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22236"
        },
        {
          "name": "24799",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/24799"
        },
        {
          "name": "ADV-2006-4018",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/4018"
        },
        {
          "name": "22495",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22495"
        },
        {
          "name": "openssh-signal-handler-race-condition(29254)",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29254"
        },
        {
          "name": "20241",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.securityfocus.com/bid/20241"
        },
        {
          "name": "ADV-2007-1332",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/1332"
        },
        {
          "name": "29264",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.osvdb.org/29264"
        },
        {
          "name": "22823",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22823"
        },
        {
          "name": "FreeBSD-SA-06:22.openssh",
          "tags": [
            "vendor-advisory"
          ],
          "url": "ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc"
        },
        {
          "name": "SSA:2006-272-02",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.592566"
        },
        {
          "name": "RHSA-2006:0697",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0697.html"
        },
        {
          "name": "OpenPKG-SA-2006.022",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html"
        },
        {
          "name": "22183",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22183"
        },
        {
          "name": "[openssh-unix-dev] 20060927 Announce: OpenSSH 4.4 released",
          "tags": [
            "mailing-list"
          ],
          "url": "http://marc.info/?l=openssh-unix-dev\u0026m=115939141729160\u0026w=2"
        },
        {
          "name": "ADV-2007-0930",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/0930"
        },
        {
          "name": "[security-announce] 20070409 Globus Security Advisory 2007-02: GSI-OpenSSH vulnerability",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html"
        },
        {
          "name": "22926",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22926"
        },
        {
          "name": "22173",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22173"
        },
        {
          "name": "1016940",
          "tags": [
            "vdb-entry"
          ],
          "url": "http://securitytracker.com/id?1016940"
        },
        {
          "name": "22208",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22208"
        },
        {
          "url": "http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html"
        },
        {
          "name": "22245",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22245"
        },
        {
          "name": "20061001-01-P",
          "tags": [
            "vendor-advisory"
          ],
          "url": "ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc"
        },
        {
          "name": "22196",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22196"
        },
        {
          "name": "DSA-1212",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1212"
        },
        {
          "name": "RHSA-2006:0698",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2006-0698.html"
        },
        {
          "name": "22158",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/22158"
        },
        {
          "name": "MDKSA-2006:179",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.mandriva.com/security/advisories?name=MDKSA-2006:179"
        },
        {
          "name": "DSA-1189",
          "tags": [
            "vendor-advisory"
          ],
          "url": "http://www.debian.org/security/2006/dsa-1189"
        },
        {
          "url": "http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm"
        },
        {
          "name": "24479",
          "tags": [
            "third-party-advisory"
          ],
          "url": "http://secunia.com/advisories/24479"
        },
        {
          "name": "[oss-security] 20240701 CVE-2024-6387: RCE in OpenSSH\u0027s server, on glibc-based Linux systems",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/01/3"
        },
        {
          "name": "[oss-security] 20240728 Re: Announce: OpenSSH 9.8 released",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/07/28/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2006-5051",
    "datePublished": "2006-09-27T23:00:00",
    "dateReserved": "2006-09-27T00:00:00",
    "dateUpdated": "2024-08-07T19:32:23.380Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-5051\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2006-09-27T23:07:00.000\",\"lastModified\":\"2024-11-21T00:17:40.373\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.\"},{\"lang\":\"es\",\"value\":\"Condici\u00f3n de carrera en el manejador de se\u00f1al OpenSSH en versiones anteriores a 4.4 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda) y posiblemente ejecutar c\u00f3digo arbitrario si la autenticaci\u00f3n GSSAPI est\u00e1 habilitada, a trav\u00e9s de vectores no especificados que conducen a una doble liberaci\u00f3n.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-415\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.4\",\"matchCriteriaId\":\"3E3FE4E6-870E-4F84-9D50-7BF48ADFB380\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2E0C1F8-31F5-4F61-9DF7-E49B43D3C873\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.3.9\",\"matchCriteriaId\":\"6CE37418-3D19-483A-9ADE-2E38272A4ACC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\",\"versionEndIncluding\":\"10.4.8\",\"matchCriteriaId\":\"39D14EF2-E8E0-4021-A493-E822612FFB35\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"10.3.9\",\"matchCriteriaId\":\"3E9A9D63-EEA1-4289-8382-6CC91D2241A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:apple:mac_os_x_server:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"10.4\",\"versionEndIncluding\":\"10.4.8\",\"matchCriteriaId\":\"D0D26E9A-DF4A-4795-BE74-2196127BB3E7\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://docs.info.apple.com/article.html?artnum=305214\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=openssh-unix-dev\u0026m=115939141729160\u0026w=2\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://openssh.org/txt/release-4.4\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"http://secunia.com/advisories/22158\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22173\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22183\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22196\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22208\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22236\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22245\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22270\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22352\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22362\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22487\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22495\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/22823\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22926\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23680\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24479\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24799\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24805\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200611-06.xml\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016940\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.592566\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sourceforge.net/forum/forum.php?forum_id=681763\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1189\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1212\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/851340\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:179\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_62_openssh.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openbsd.org/errata.html#ssh\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/28/3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://www.osvdb.org/29264\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0697.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0698.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/20241\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-355-1\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-072A.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4018\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4329\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/0930\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/1332\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29254\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2024/07/28/3\",\"source\":\"secalert@redhat.com\"},{\"url\":\"ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://docs.info.apple.com/article.html?artnum=305214\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=openssh-unix-dev\u0026m=115939141729160\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://openssh.org/txt/release-4.4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"http://secunia.com/advisories/22158\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22173\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22196\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22208\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22236\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22245\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22270\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22352\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22362\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22487\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22495\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/22823\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/22926\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/23680\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24479\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24799\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/24805\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://security.gentoo.org/glsa/glsa-200611-06.xml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1016940\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://slackware.com/security/viewer.php?l=slackware-security\u0026y=2006\u0026m=slackware-security.592566\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://sourceforge.net/forum/forum.php?forum_id=681763\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1189\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://www.debian.org/security/2006/dsa-1212\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/851340\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.mandriva.com/security/advisories?name=MDKSA-2006:179\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.novell.com/linux/security/advisories/2006_62_openssh.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openbsd.org/errata.html#ssh\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/01/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/07/28/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/29264\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0697.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.redhat.com/support/errata/RHSA-2006-0698.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/20241\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.ubuntu.com/usn/usn-355-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA07-072A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4018\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2006/4329\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/0930\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/1332\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/29254\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2024/07/28/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}],\"evaluatorImpact\":\"Successful code execution exploitation requires that GSSAPI authentication is enabled.\",\"vendorComments\":[{\"organization\":\"Red Hat\",\"comment\":\"Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.\",\"lastModified\":\"2007-03-14T00:00:00\"}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.