CVE-2006-5052
⚪ Do wiadomości
Nieokreślona podatność w OpenSSH umożliwia zdalnym atakującym sprawdzenie ważności nazw użytkowników.
CVSS
5.0
EPSS
15.0%
Exploit
none
Vendor
openbsd
Opis źródłowy (NVD)
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."
brak
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 5.0 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 15.0% |
| Opublikowano (NVD) | 2006-09-27 23:07:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-23 00:35:47 UTC |
Referencje
- http://docs.info.apple.com/article.html?artnum=305214 (secalert@redhat.com)
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html (secalert@redhat.com)
- http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 (secalert@redhat.com)
- http://openssh.org/txt/release-4.4 (secalert@redhat.com)
- http://rhn.redhat.com/errata/RHSA-2006-0697.html (secalert@redhat.com) [Patch]
- http://secunia.com/advisories/22158 (secalert@redhat.com) [Patch, Vendor Advisory]
- http://secunia.com/advisories/22173 (secalert@redhat.com) [Patch, Vendor Advisory]
- http://secunia.com/advisories/22495 (secalert@redhat.com)
- http://secunia.com/advisories/22823 (secalert@redhat.com)
- http://secunia.com/advisories/24479 (secalert@redhat.com)
- http://secunia.com/advisories/27588 (secalert@redhat.com)
- http://secunia.com/advisories/28320 (secalert@redhat.com)
- http://security.gentoo.org/glsa/glsa-200611-06.xml (secalert@redhat.com)
- http://securitytracker.com/id?1016939 (secalert@redhat.com) [Patch]
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 (secalert@redhat.com) [Patch]
- http://support.avaya.com/elmodocs2/security/ASA-2007-527.htm (secalert@redhat.com)
- http://www.novell.com/linux/security/advisories/2006_62_openssh.html (secalert@redhat.com)
- http://www.osvdb.org/29266 (secalert@redhat.com)
- http://www.redhat.com/support/errata/RHSA-2007-0540.html (secalert@redhat.com)
- http://www.redhat.com/support/errata/RHSA-2007-0703.html (secalert@redhat.com)
- http://www.securityfocus.com/archive/1/447861/100/200/threaded (secalert@redhat.com)
- http://www.securityfocus.com/bid/20245 (secalert@redhat.com) [Patch]
- http://www.us-cert.gov/cas/techalerts/TA07-072A.html (secalert@redhat.com) [US Government Resource]
- http://www.vupen.com/english/advisories/2007/0930 (secalert@redhat.com)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29255 (secalert@redhat.com)
- https://issues.rpath.com/browse/RPL-681 (secalert@redhat.com)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10178 (secalert@redhat.com)