Moderate: Red Hat Security Advisory: openssh security and bug fix update

Updated openssh packages that fix two security issues and various bugs are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. These packages include the core files...

openSUSE 10 Security Update : openssh (openssh-2183)

Several security problems were fixed in OpenSSH : - CVE-2006-4924: A denial of service problem has been fixed in OpenSSH which could be used to cause lots of CPU consumption on a remote openssh server. - CVE-2006-4925: If a remote attacker is able to inject network traffic this could be used to...

SUSE-SA:2006:062: openssh

The remote host is missing the patch for the advisory SUSE-SA:2006:062 openssh. Several security problems were fixed in OpenSSH 4.4 and the bug fixes were back ported to the openssh versions in our products. - CVE-2006-4924: A denial of service problem has been fixed in OpenSSH which could be use...

GLSA-200611-06 : OpenSSH: Multiple Denial of Service vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200611-06 OpenSSH: Multiple Denial of Service vulnerabilities Tavis Ormandy of the Google Security Team has discovered a pre-authentication vulnerability, causing sshd to spin until the login grace time has been expired. Mark Dowd...

OpenSSH: Multiple Denial of Service vulnerabilities

Background OpenSSH is a complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. Description Tavis Ormandy of the Google Security Team has discovered a pre-authentication vulnerability, causing sshd to spin until the login grace time has been...

OpenSSH < 4.4 Multiple Vulnerabilities

According to its banner, the version of OpenSSH installed on the remote host is affected by multiple vulnerabilities : - A race condition exists that may allow an unauthenticated, remote attacker to crash the service or, on portable OpenSSH, possibly execute code on the affected host. Note that...

CVE-2006-5051

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...

CVE-2006-5051

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...

CVE-2006-5052

Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."...

CVE-2006-5051

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service crash, and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free...

CVE-2006-5051

CVE-2006-5051 describes a signal-handler race in OpenSSH before 4.4. The race can cause unsafe handling of signals, potentially crashing the daemon and, if triggered under certain conditions (e.g., with GSSAPI enabled), may lead to arbitrary code execution. The root cause is a race condition that...