cbcvebase.
CVE-2006-5794
published 2006-11-08

CVE-2006-5794: Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful…

PriorityP337high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
2.68%
83.9th percentile
Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.

Affected

6 ranges
VendorProductVersion rangeFixed in
debianopenssh< openssh 1:4.3p2-6 (bookworm)openssh 1:4.3p2-6 (bookworm)
openbsdopenssh<= 4.4
openbsdopenssh>= 0 < 1:4.3p2-61:4.3p2-6
openbsdopenssh>= 0 < 1:4.3p2-61:4.3p2-6
openbsdopenssh>= 0 < 1:4.3p2-61:4.3p2-6
openbsdopenssh>= 0 < 1:4.3p2-61:4.3p2-6

CVSS provenance

nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5LOW
vendor_redhat7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.