[Forgot Password]
Login  Register Subscribe

30479

 
 

423868

 
 

250038

 
 

909

 
 

195843

 
 

282

 
Paid content will be excluded from the download.


Download | Alert*
CVE
view JSON

CVE-2005-2798Date: (C)2005-09-06   (M)2023-12-22


sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.

CVSS Score and Metrics +CVSS Score and Metrics -

CVSS V2 Severity:
CVSS Score : 5.0
Exploit Score: 10.0
Impact Score: 2.9
 
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: LOW
Authentication: NONE
Confidentiality: PARTIAL
Integrity: NONE
Availability: NONE
  
Reference:
SECTRACK-1014845
BID-14729
SECUNIA-16686
SECUNIA-17077
SECUNIA-17245
SECUNIA-18010
SECUNIA-18406
SECUNIA-18507
SECUNIA-18661
SECUNIA-18717
OSVDB-19141
ADV-2006-0144
HPSBUX02090
MDKSA-2005:172
RHSA-2005:527
SCOSA-2005.53
SUSE-SR:2006:003
USN-209-1
http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html
hpux-secure-shell-dos(24064)
http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm
oval:org.mitre.oval:def:1345
oval:org.mitre.oval:def:1566
oval:org.mitre.oval:def:9717

CPE    32
cpe:/a:openbsd:openssh:3.7.1p2
cpe:/a:openbsd:openssh:3.9.1p1
cpe:/a:openbsd:openssh:3.1
cpe:/a:openbsd:openssh:3.0
...

© SecPod Technologies