CVE-2006-5794
🟡 Monitoruj
Nieokreślona podatność w OpenSSH umożliwia obejście uwierzytelnienia.
CVSS
7.5
EPSS
4.0%
Exploit
none
Vendor
openbsd
Opis źródłowy (NVD)
Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.
auth-bypass
Brak patcha
Źródła i daty
| Źródło | Wartość |
|---|---|
| NVD – CVSS | 7.5 |
| CISA KEV (aktywnie wykorzystywane) | Nie |
| FIRST EPSS (prawdopodobieństwo exploita) | 4.0% |
| Opublikowano (NVD) | 2006-11-08 20:07:00 UTC |
| Ostatnia modyfikacja (NVD) | 2026-04-23 00:35:47 UTC |
Referencje
- ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc (secalert@redhat.com)
- http://rhn.redhat.com/errata/RHSA-2006-0738.html (secalert@redhat.com)
- http://secunia.com/advisories/22771 (secalert@redhat.com) [Patch, Vendor Advisory]
- http://secunia.com/advisories/22772 (secalert@redhat.com)
- http://secunia.com/advisories/22773 (secalert@redhat.com) [Patch, Vendor Advisory]
- http://secunia.com/advisories/22778 (secalert@redhat.com)
- http://secunia.com/advisories/22814 (secalert@redhat.com)
- http://secunia.com/advisories/22872 (secalert@redhat.com)
- http://secunia.com/advisories/22932 (secalert@redhat.com)
- http://secunia.com/advisories/23513 (secalert@redhat.com)
- http://secunia.com/advisories/23680 (secalert@redhat.com)
- http://secunia.com/advisories/24055 (secalert@redhat.com)
- http://securitytracker.com/id?1017183 (secalert@redhat.com)
- http://sourceforge.net/project/shownotes.php?release_id=461854&group_id=69227 (secalert@redhat.com)
- http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227 (secalert@redhat.com)
- http://support.avaya.com/elmodocs2/security/ASA-2007-048.htm (secalert@redhat.com)
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:204 (secalert@redhat.com)
- http://www.novell.com/linux/security/advisories/2006_26_sr.html (secalert@redhat.com)
- http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.032-openssh.html (secalert@redhat.com)
- http://www.openssh.org/txt/release-4.5 (secalert@redhat.com)
- http://www.securityfocus.com/archive/1/451100/100/0/threaded (secalert@redhat.com)
- http://www.securityfocus.com/bid/20956 (secalert@redhat.com) [Patch]
- http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html (secalert@redhat.com)
- http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html (secalert@redhat.com)
- http://www.vupen.com/english/advisories/2006/4399 (secalert@redhat.com)
- http://www.vupen.com/english/advisories/2006/4400 (secalert@redhat.com)
- https://exchange.xforce.ibmcloud.com/vulnerabilities/30120 (secalert@redhat.com)
- https://issues.rpath.com/browse/RPL-766 (secalert@redhat.com)
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11840 (secalert@redhat.com)