CVE Reference: CVE-2006-5052

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2006-5052

Description:
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/29255

SUSE
  http://www.novell.com/linux/security/advisories/2006_62_openssh.html

ST
  1016939

SLACKWARE
  http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566

SAID
  Secunia Advisory: SA24479
  Secunia Advisory: SA22823
  Secunia Advisory: SA22495
  Secunia Advisory: SA22173
  Secunia Advisory: SA22158
  Secunia Advisory: SA27588
  Secunia Advisory: SA28320

REDHAT
  http://www.redhat.com/support/errata/RHSA-2007-0540.html
  http://www.redhat.com/support/errata/RHSA-2007-0703.html
  http://rhn.redhat.com/errata/RHSA-2006-0697.html

OVAL
  http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10178

OSVDB
  29266

MLIST
  http://marc.theaimsgroup.com/?l=openssh-unix-dev&m=115939141729160&w=2

GENTOO
  http://security.gentoo.org/glsa/glsa-200611-06.xml

CONFIRM
  http://support.avaya.com/elmodocs2/security/ASA-2007-527.htm
  http://openssh.org/txt/release-4.4
  http://docs.info.apple.com/article.html?artnum=305214

CERT
  http://www.us-cert.gov/cas/techalerts/TA07-072A.html

BUGTRAQ
  http://www.securityfocus.com/archive/1/archive/1/447861/100/200/threaded

BID
  20245

APPLE
  http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html


Return to the previous page.