CVE-2011-5000
published 2012-04-05
Priority P4·14·low·3.5 CVSS 2.0
AV:N/AC:M/Au:S/C:N/I:N/A:P
EPSS: 2.60% (83.4th percentile)
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.
Affected
71 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openssh | < openssh 1:5.9p1-1 (bookworm) | openssh 1:5.9p1-1 (bookworm) |
| openbsd | openssh | <= 5.8 | — |
| openbsd | openssh | — | — |
CVSS provenance
nvd·v2.0·3.5 LOW·AV:N/AC:M/Au:S/C:N/I:N/A:P
osv·3.5 LOW
vendor_debian·3.5 LOW
vendor_redhat·3.5 LOW
Red Hat
openssh: post-authentication resource exhaustion bug via GSSAPI
vendor_redhat·2011-08-01·CVSS 3.5
CVE-2011-5000 [LOW] CWE-400 openssh: post-authentication resource exhaustion bug via GSSAPI
Package: openssh (Red Hat Enterprise Linux 4) - Will not fix
Package: openssh (Red Hat Enterprise Linux 5) - Will not fix
Debian
CVE-2011-5000: openssh - The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, wh...
vendor_debian·2011·CVSS 3.5
CVE-2011-5000 [LOW] CVE-2011-5000: openssh - The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, wh...
Scope: local
bookworm: resolved (fixed in 1:5.9p1-1)
bullseye: resolved (fixed in 1:5.9p1-1)
forky: resolved (fixed in 1:5.9p1-1)
sid: resolved (fixed in 1:5.9p1-1)
trixie: resolved (fixed in 1:5.9p1-1)
Cisco
Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability
vendor_cisco
CVE-2011-2581 Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability
A vulnerability exists in Cisco Nexus 5000 and 3000 Series Switches that may allow traffic to bypass deny statements in access control lists (ACLs) that are configured on the device. Cisco has released software updates that address this vulnerability. A workaround is available to mitigate this vulnerability. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110907-nexus .
Bug IDs: CSCto09813, CSCtr61490
GHSA
GHSA-wq52-9gh8-cwrp: The ssh_gssapi_parse_ename function in gss-serv
ghsa_unreviewed·2022-05-17
CVE-2011-5000 [LOW] GHSA-wq52-9gh8-cwrp: The ssh_gssapi_parse_ename function in gss-serv
OSV
CVE-2011-5000: The ssh_gssapi_parse_ename function in gss-serv
osv·2012-04-05·CVSS 3.5
CVE-2011-5000 [LOW] CVE-2011-5000: The ssh_gssapi_parse_ename function in gss-serv
No detection rules found.
Exploit-DB
CyberLink (Multiple Products) - File Project Handling Stack Buffer Overflow (PoC)
exploitdb·2011-12-09
CVE-2011-5171 CyberLink (Multiple Products) - File Project Handling Stack Buffer Overflow (PoC)
---
#!/usr/bin/python
#
# Exploit Title: CyberLink Multiple Products File Project Handling Stack Buffer Overflow POC
# by: modpr0be[at]spentera[dot]com (@modpr0be)
# Platform: Windows
# Tested on: Windows XP SP3, Windows 7 SP1 with:
# CyberLink Power2Go 7 (build 196)
# CyberLink Power2Go 8 (build 1031)
# CyberLink WaveEditor 2.0 (build 2204)
# Software Link: http://www.cyberlink.com/downloads/trials/index_en_US.html
# CVE : -
### Software Description
# CyberLink Power2Go is all-media disc burning software.
# Copy all your media to any disc with Power2Go 8! With new System Recovery tools
# and over 5000 free DVD menus to choose from on DirectorZone.com, Power2Go 8 not
# only burns everything but allows you
Exploit-DB
Rockwell RSLogix 19 - Denial of Service
exploitdb·2011-09-14
CVE-2011-3489 Rockwell RSLogix 19 - Denial of Service
---
#######################################################################
Luigi Auriemma
Application: Rockwell RSLogix
http://www.rockwellautomation.com/rockwellsoftware/design/rslogix5000/
Versions: <= 19 (RsvcHost.exe 2.30.0.23)
Platforms: Windows
Bug: Denial of Service
Exploitation: remote
Date: 13 Sep 2011
Author: Luigi Auriemma
e-mail: [email protected]
web: aluigi.org
#######################################################################
1) Introduction
2) Bug
3) The Code
4) Fix
#######################################################################
1) Introduction
From vendor's website:
"With RSLogix 5000 programming software, you need only one software
package for discrete, process, batch, motion, safety and drive-based
app
Bugzilla
CVE-2011-5000 openssh: post-authentication resource exhaustion bug via GSSAPI
bugzilla·2012-04-04·CVSS 3.5
CVE-2011-5000 [LOW] CVE-2011-5000 openssh: post-authentication resource exhaustion bug via GSSAPI
Common Vulnerabilities and Exposures assigned an identifier CVE-2011-5000 to
the following vulnerability:
Name: CVE-2011-5000
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5000
Assigned: 20111224
Reference: FULLDISC:20110801 Useless OpenSSH resources exhausion bug via GSSAPI
Reference: http://seclists.org/fulldisclosure/2011/Aug/2
Reference: http://site.pi3.com.pl/adv/ssh_1.txt
The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and
earlier, when gssapi-with-mic authentication is enabled, allows remote
authenticated users to cause a denial of service (memory consumption)
via a large value in a certain length field. NOTE: there may be
limited scenarios in which this issue is relevant.
Bugzilla
CVE-2011-5000 openssh: post-authentication resource exhaustion bug via GSSAPI [fedora-all]
bugzilla·2012-04-04·CVSS 3.5
CVE-2011-5000 [LOW] CVE-2011-5000 openssh: post-authentication resource exhaustion bug via GSSAPI [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include this bug ID and the
bug IDs of this bug's parent bugs filed against the "Security Response"
product (the top-level CVE bugs). Please mention the CVE IDs being fixed
in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/