CVE-2006-5052 — Openssh vulnerability

10 documents7 sources

Severity

5.0MEDIUMNVD

EPSS

15.0%

top 5.43%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedSep 27

Latest updateMay 1

Description

Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."

CVSS vector

AV:N/AC:L/C:P/I:N/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages2 packages

▶Debianopenbsd/openssh< 1:4.6p1-1+3

▶NVDopenbsd/openssh56 versions+55

Patches

Patch: rhn.redhat.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-mhjc-ghvw-2hvv: Unspecified vulnerability in portable OpenSSH before 4↗2022-05-01

▶

OSV

CVE-2006-5052: Unspecified vulnerability in portable OpenSSH before 4↗2006-09-27

▶

CVEList

CVE-2006-5052: Unspecified vulnerability in portable OpenSSH before 4↗2006-09-27

▶

📋Vendor Advisories

Red Hat

Kerberos information leak↗2006-09-28

▶

Debian

CVE-2006-5052: openssh - Unspecified vulnerability in portable OpenSSH before 4.4, when running on some p...↗2006

▶

💬Community

Bugzilla

CVE-2006-5052 GSSAPI information leak↗2007-03-30

▶

Bugzilla

CVE-2006-5052 Kerberos information leak↗2007-03-30

▶

Bugzilla

CVE-2006-5052 GSSAPI information leak↗2007-03-30

▶

Bugzilla

CVE-2006-5052 GSSAPI information leak↗2006-09-27

▶