PT-2006-1034 · Suse+2 · Opensuse+2

Tavis Ormandy · Published 2006-09-27 · Updated 2024-07-08 · CVE-2006-4925

CVSS v2.0: 9.3 (High)

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: openssh-askpass (affected versions not specified); openSUSE (affected versions not specified)
Description: The issue concerns multiple vulnerabilities in the openssh-askpass package of the openSUSE operating system, which can be exploited remotely to compromise the confidentiality, integrity, and availability of protected information. Specifically, a problem in packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
Recommendations: For openssh-askpass, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For openSUSE, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Related Identifiers

ALT-PU-2024-3921
ALT-PU-2024-4077
ALT-PU-2024-4467
ALT-PU-2024-9513
BDU:2015-04932
CVE-2006-4925

Affected Products

Alt Linux
Opensuse
Openssh-Askpass