CVE-2006-5794 — Openssh vulnerability

8 documents7 sources

Severity

7.5HIGHNVD

EPSS

4.0%

top 11.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openbsd Openssh

Timeline

PublishedNov 8

Latest updateMay 3

Description

Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

▶Debianopenbsd/openssh< 1:4.3p2-6+3

▶NVDopenbsd/openssh4.4

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-5r9x-42xj-4x3r: Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4↗2022-05-03

▶

CVEList

CVE-2006-5794: Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4↗2006-11-08

▶

OSV

CVE-2006-5794: Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4↗2006-11-08

▶

📋Vendor Advisories

Red Hat

OpenSSH privilege separation flaw↗2006-11-07

▶

Debian

CVE-2006-5794: openssh - Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH be...↗2006

▶

💬Community

Bugzilla

CVE-2006-5794 OpenSSH privilege separation flaw↗2006-11-08

▶

Bugzilla

CVE-2006-5794 OpenSSH privilege separation flaw↗2006-11-08

▶