PT-2006-1044 · Openssh+2 · Openssh+2

Publicado

2006-11-08

·

Atualizado

2024-07-08

·

CVE-2006-5794

CVSS v2.0

7.5

Alta

VetorAV:N/AC:L/Au:N/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions: OpenSSH versions 3.6.1p2 and earlier
Description: The issue affects the confidentiality, integrity, and availability of protected information. It can be exploited remotely. According to the available data, there is an unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before version 4.5, which causes weaker verification that authentication has been successful. This might allow attackers to bypass authentication.
Recommendations: For OpenSSH versions 3.6.1p2 and earlier, update to version 4.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the sshd Privilege Separation Monitor until a patch is available.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Identificadores relacionados

ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9513
BDU:2015-07467
BDU:2015-07469
BDU:2015-07471
BDU:2015-07472
BDU:2015-07474
CVE-2006-5794
RHSA-2006:0738
RHSA-2006_0738

Produtos afetados

Alt Linux
Openssh
Red Hat