CVE-2005-2798
published 2005-09-06CVE-2005-2798: sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI…
PriorityP418medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.30%
81.1th percentile
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Affected
37 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | < openssh 1:4.2p1-1 (bookworm) | openssh 1:4.2p1-1 (bookworm) |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
| openbsd | openssh | — | — |
CVSS provenance
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N
osv5.0MEDIUM
vendor_debian5.0LOW
vendor_redhat5.0MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
SSH server vulnerability
vendor_ubuntu·2005-10-18
CVE-2005-2798 SSH server vulnerability
Title: SSH server vulnerability
Summary: SSH server vulnerability
An information disclosure vulnerability has been found in the SSH
server. When the GSSAPIAuthentication option was enabled, the SSH
server could send GSSAPI credentials even to users who attempted to
log in with a method other than GSSAPI. This could inadvertently
expose these credentials to an untrusted user.
Please note that this does not affect the default configuration of the
SSH server.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
security flaw
vendor_redhat·2005-09-01·CVSS 5.0
CVE-2005-2798 [MEDIUM] security flaw
security flaw
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Statement: This issue does not affect Red Hat Enterprise Linux 2.1 and 3.
This flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:
http://rhn.redhat.com/errata/RHSA-2005-527.html
Debian
CVE-2005-2798: openssh - sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GS...
vendor_debian·2005·CVSS 5.0
CVE-2005-2798 [MEDIUM] CVE-2005-2798: openssh - sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GS...
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Scope: local
bookworm: resolved (fixed in 1:4.2p1-1)
bullseye: resolved (fixed in 1:4.2p1-1)
forky: resolved (fixed in 1:4.2p1-1)
sid: resolved (fixed in 1:4.2p1-1)
trixie: resolved (fixed in 1:4.2p1-1)
GHSA
GHSA-qm2w-x4c4-rq55: sshd in OpenSSH before 4
ghsa_unreviewed·2022-05-03
CVE-2005-2798 [MEDIUM] GHSA-qm2w-x4c4-rq55: sshd in OpenSSH before 4
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
OSV
CVE-2005-2798: sshd in OpenSSH before 4
osv·2005-09-06·CVSS 5.0
CVE-2005-2798 [MEDIUM] CVE-2005-2798: sshd in OpenSSH before 4
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2005-2798 security flaw
bugzilla·2018-08-16·CVSS 5.0
CVE-2005-2798 [MEDIUM] CVE-2005-2798 security flaw
CVE-2005-2798 security flaw
Flaw bug created to hold information about an old flaw we knew something about. For more details see the MITRE CVE description.
Discussion:
MITRE description:
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
---
Statement:
This issue does not affect Red Hat Enterprise Linux 2.1 and 3.
This flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:
http://rhn.redhat.com/errata/RHSA-2005-527.html
Bugzilla
GSSAPI credentials can be delegated to clients who log in using non-GSSAPI methods
bugzilla·2006-01-25·CVSS 5.0
CVE-2005-2798 [MEDIUM] GSSAPI credentials can be delegated to clients who log in using non-GSSAPI methods
GSSAPI credentials can be delegated to clients who log in using non-GSSAPI methods
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.7.12) Gecko/20050915
Description of problem:
It appears that CVE-2005-2798 has not yet been addressed in RHEL 3.0.
From mitre: "sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts."
I can find not mention of backporting this fix into the version of openssh included in RHEL 3.0.
Version-Release number of selected component (if applicable):
How reproducible:
Didn't try
Steps to Reproduce:
Additional info:
Discussion:
The GSSAPI
ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txthttp://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.htmlhttp://secunia.com/advisories/16686http://secunia.com/advisories/17077http://secunia.com/advisories/17245http://secunia.com/advisories/18010http://secunia.com/advisories/18406http://secunia.com/advisories/18507http://secunia.com/advisories/18661http://secunia.com/advisories/18717http://securitytracker.com/id?1014845http://support.avaya.com/elmodocs2/security/ASA-2006-016.htmhttp://support.avaya.com/elmodocs2/security/ASA-2006-033.htmhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:172http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.htmlhttp://www.osvdb.org/19141http://www.redhat.com/support/errata/RHSA-2005-527.htmlhttp://www.securityfocus.com/archive/1/421411/100/0/threadedhttp://www.securityfocus.com/bid/14729http://www.vupen.com/english/advisories/2006/0144https://exchange.xforce.ibmcloud.com/vulnerabilities/24064https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717https://usn.ubuntu.com/209-1/ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txthttp://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.htmlhttp://secunia.com/advisories/16686http://secunia.com/advisories/17077http://secunia.com/advisories/17245http://secunia.com/advisories/18010http://secunia.com/advisories/18406http://secunia.com/advisories/18507http://secunia.com/advisories/18661http://secunia.com/advisories/18717http://securitytracker.com/id?1014845http://support.avaya.com/elmodocs2/security/ASA-2006-016.htmhttp://support.avaya.com/elmodocs2/security/ASA-2006-033.htmhttp://www.mandriva.com/security/advisories?name=MDKSA-2005:172http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.htmlhttp://www.osvdb.org/19141http://www.redhat.com/support/errata/RHSA-2005-527.htmlhttp://www.securityfocus.com/archive/1/421411/100/0/threadedhttp://www.securityfocus.com/bid/14729http://www.vupen.com/english/advisories/2006/0144https://exchange.xforce.ibmcloud.com/vulnerabilities/24064https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717https://usn.ubuntu.com/209-1/
2005-09-06
Published