cbcvebase.
CVE-2006-5051
published 2006-09-27

Priority: P348 · high · 8.1 (CVSS 3.1)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 44.96% (98.6th percentile)

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

Affected

122 ranges · showing 25

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| almalinux | almalinux | | |
| amazon | amazon_linux | | |
| apple | mac_os_x | < 10.3.9 | 10.3.9 |
| apple | mac_os_x | 10.4 – 10.4.8 | |
| apple | mac_os_x_server | < 10.3.9 | 10.3.9 |
| apple | mac_os_x_server | 10.4 – 10.4.8 | |
| apple | macos | >= 12.0 < 12.7.6 | 12.7.6 |
| apple | macos | >= 13.0 < 13.6.8 | 13.6.8 |
| apple | macos | >= 14.0 < 14.6 | 14.6 |
| arista | eos | 4.32.0 – 4.32.1f | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| canonical | ubuntu_linux | | |
| debian | debian_linux | | |
| debian | debian_linux | | |
| debian | openssh | < openssh 1:4.6p1-1 (bookworm) | openssh 1:4.6p1-1 (bookworm) |
| debian | openssh | < openssh 1:9.2p1-2+deb12u3 (bookworm) | openssh 1:9.2p1-2+deb12u3 (bookworm) |
| freebsd | freebsd | | |
| freebsd | freebsd | | |
| freebsd | freebsd | | |
| freebsd | freebsd | | |
| freebsd | freebsd | >= 13.3-RELEASE < p5 | p5 |
| freebsd | freebsd | >= 14.0-RELEASE < p9 | p9 |

CVSS provenance

nvd (v3.1): 8.1 HIGH, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd (v2.0): 9.3 CRITICAL, AV:N/AC:M/Au:N/C:C/I:C/A:C
osv: 8.1 HIGH
vulncheck: 8.1 HIGH
vendor_debian: 8.1 LOW
vendor_redhat: 8.1 HIGH
vendor_ubuntu: 7.8 HIGH
vendor_cisco: 3.1