CVE-2006-5794 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2006-5794
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5794

Description: Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/30120 SUSE http://www.novell.com/linux/security/advisories/2006_26_sr.html ST 1017183 SGI SAID Secunia Advisory: SA22772 Secunia Advisory: SA22814 Secunia Advisory: SA22778 Secunia Advisory: SA22773 Secunia Advisory: SA22771 Secunia Advisory: SA22872 Secunia Advisory: SA23513 Secunia Advisory: SA23680 Secunia Advisory: SA24055 Secunia Advisory: SA22932 REDHAT http://rhn.redhat.com/errata/RHSA-2006-0738.html OPENPKG http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.032-openssh.html MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:204 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-048.htm http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227 http://sourceforge.net/project/shownotes.php?release_id=461854&group_id=69227 http://www.openssh.org/txt/release-4.5 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/451100/100/0/threaded BID 20956

Return to the previous page.