Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2011-5000
HistoryApr 05, 2012 - 2:55 p.m.

CVE-2011-5000

2012-04-0514:55:03
CWE-189
[email protected]
web.nvd.nist.gov
6

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

5.8

Confidence

High

EPSS

0.004

Percentile

72.0%

JSON

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

Affected configurations

Nvd
Node
openbsdopensshRange5.8
OR
openbsdopensshMatch1.2
OR
openbsdopensshMatch1.2.1
OR
openbsdopensshMatch1.2.2
OR
openbsdopensshMatch1.2.3
OR
openbsdopensshMatch1.2.27
OR
openbsdopensshMatch1.3
OR
openbsdopensshMatch1.5
OR
openbsdopensshMatch1.5.7
OR
openbsdopensshMatch1.5.8
OR
openbsdopensshMatch3.0
OR
openbsdopensshMatch3.0.1
OR
openbsdopensshMatch3.0.1p1
OR
openbsdopensshMatch3.0.2
OR
openbsdopensshMatch3.0.2p1
OR
openbsdopensshMatch3.0p1
OR
openbsdopensshMatch3.1
OR
openbsdopensshMatch3.1p1
OR
openbsdopensshMatch3.2
OR
openbsdopensshMatch3.2.2
OR
openbsdopensshMatch3.2.2p1
OR
openbsdopensshMatch3.2.3p1
OR
openbsdopensshMatch3.3
OR
openbsdopensshMatch3.3p1
OR
openbsdopensshMatch3.4
OR
openbsdopensshMatch3.4p1
OR
openbsdopensshMatch3.5
OR
openbsdopensshMatch3.5p1
OR
openbsdopensshMatch3.6
OR
openbsdopensshMatch3.6.1
OR
openbsdopensshMatch3.6.1p1
OR
openbsdopensshMatch3.6.1p2
OR
openbsdopensshMatch3.7
OR
openbsdopensshMatch3.7.1
OR
openbsdopensshMatch3.7.1p1
OR
openbsdopensshMatch3.7.1p2
OR
openbsdopensshMatch3.8
OR
openbsdopensshMatch3.8.1
OR
openbsdopensshMatch3.8.1p1
OR
openbsdopensshMatch3.9
OR
openbsdopensshMatch3.9.1
OR
openbsdopensshMatch3.9.1p1
OR
openbsdopensshMatch4.0
OR
openbsdopensshMatch4.0p1
OR
openbsdopensshMatch4.1
OR
openbsdopensshMatch4.1p1
OR
openbsdopensshMatch4.2
OR
openbsdopensshMatch4.2p1
OR
openbsdopensshMatch4.3
OR
openbsdopensshMatch4.3p1
OR
openbsdopensshMatch4.3p2
OR
openbsdopensshMatch4.4
OR
openbsdopensshMatch4.4p1
OR
openbsdopensshMatch4.5
OR
openbsdopensshMatch4.6
OR
openbsdopensshMatch4.7
OR
openbsdopensshMatch4.8
OR
openbsdopensshMatch4.9
OR
openbsdopensshMatch5.0
OR
openbsdopensshMatch5.1
OR
openbsdopensshMatch5.2
OR
openbsdopensshMatch5.3
OR
openbsdopensshMatch5.4
OR
openbsdopensshMatch5.5
OR
openbsdopensshMatch5.6
OR
openbsdopensshMatch5.7
VendorProductVersionCPE
openbsdopenssh*cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
openbsdopenssh1.2cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
openbsdopenssh1.2.1cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
openbsdopenssh1.2.2cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
openbsdopenssh1.2.3cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
openbsdopenssh1.2.27cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
openbsdopenssh1.3cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
openbsdopenssh1.5cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
openbsdopenssh1.5.7cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
openbsdopenssh1.5.8cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
Rows per page:
1-10 of 661

Related

openvas 10
debiancve 1
veracode 1
amazon 1
redhat 1
prion 1
nessus 12
centos 1
ubuntucve 1
oraclelinux 1
cvelist 1
cve 1
f5 2
gentoo 1
rosalinux 1
openvas
openvas
CentOS Update for openssh CESA-2012:0884 centos6
2012-07-30 00:00:00
CentOS Update for openssh CESA-2012:0884 centos6
2012-07-30 00:00:00
RedHat Update for openssh RHSA-2012:0884-04
2012-06-22 00:00:00
debiancve
debiancve
CVE-2011-5000
2012-04-05 14:55:03
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:41
amazon
amazon
Medium: openssh
2012-07-05 16:18:00
redhat
redhat
(RHSA-2012:0884) Low: openssh security, bug fix, and enhancement update
2012-06-20 00:00:00
prion
prion
Authentication flaw
2012-04-05 14:55:00
nessus
nessus
Amazon Linux AMI : openssh (ALAS-2012-99)
2013-09-04 00:00:00
Oracle Linux 6 : openssh (ELSA-2012-0884)
2013-07-12 00:00:00
CentOS 6 : openssh (CESA-2012:0884)
2012-07-11 00:00:00
centos
centos
openssh, pam_ssh_agent_auth security update
2012-07-10 17:25:37
ubuntucve
ubuntucve
CVE-2011-5000
2012-04-05 00:00:00
oraclelinux
oraclelinux
openssh security, bug fix, and enhancement update
2012-06-27 00:00:00
cvelist
cvelist
CVE-2011-5000
2012-04-04 10:00:00
cve
cve
CVE-2011-5000
2012-04-05 14:55:03
f5
f5
SOL14740 - OpenSSH vulnerability CVE-2011-5000
2013-10-10 00:00:00
K14740 : OpenSSH vulnerability CVE-2011-5000
2013-10-10 00:00:00
gentoo
gentoo
OpenSSH: Multiple vulnerabilities
2014-05-11 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1938
2021-07-02 17:38:20

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

AI Score

5.8

Confidence

High

EPSS

0.004

Percentile

72.0%

JSON
Related for NVD:CVE-2011-5000
openvas10debiancve1veracode1amazon1redhat1prion1nessus12centos1ubuntucve1oraclelinux1cvelist1cve1f52gentoo1rosalinux1