[Forgot Password]
Login  Register Subscribe

23631

 
 

115083

 
 

97147

 
 

909

 
 

78764

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2006-5051

Date: (C)2006-09-27   (M)2017-10-12 


Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

CVSS Score: 9.3Access Vector: NETWORK
Exploit Score: 8.6Access Complexity: MEDIUM
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1016940
20061001-01-P
BID-20241
SECUNIA-22158
SECUNIA-22173
SECUNIA-22183
SECUNIA-22196
SECUNIA-22208
SECUNIA-22236
SECUNIA-22245
SECUNIA-22270
SECUNIA-22352
SECUNIA-22362
SECUNIA-22487
SECUNIA-22495
SECUNIA-22823
SECUNIA-22926
SECUNIA-23680
SECUNIA-24479
SECUNIA-24799
SECUNIA-24805
OSVDB-29264
ADV-2006-4018
ADV-2006-4329
ADV-2007-0930
ADV-2007-1332
APPLE-SA-2007-03-13
DSA-1189
DSA-1212
FreeBSD-SA-06:22
FreeBSD-SA-06:22.openssh
GLSA-200611-06
IAVM:2012-A-0136
MDKSA-2006:179
OpenPKG-SA-2006.022
RHSA-2006:0697
RHSA-2006:0698
SSA:2006-272-02
SUSE-SA:2006:062
TA07-072A
USN-355-1
VU#851340
http://www.openbsd.org/errata.html#ssh
http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html
http://docs.info.apple.com/article.html?artnum=305214
http://openssh.org/txt/release-4.4
http://sourceforge.net/forum/forum.php?forum_id=681763
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf
http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
openssh-signal-handler-race-condition(29254)

CPE    56
cpe:/a:openbsd:openssh:3.7.1p2
cpe:/a:openbsd:openssh:3.9.1p1
cpe:/a:openbsd:openssh:3.1
cpe:/a:openbsd:openssh:3.0
...
CWE    1
CWE-362
OVAL    1
oval:org.mitre.oval:def:8085

© 2013 SecPod Technologies