6 matches found
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
MDKSA-2005:172 : openssh
Sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. GSSAPI is only enabled in versions of openssh shipped in...
RHEL 4 : openssh (RHSA-2005:527)
The remote Redhat Enterprise Linux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2005:527 advisory. OpenSSH is OpenBSD's SSH Secure SHell protocol implementation. An error in the way OpenSSH handled GSSAPI credential delegation was discovere...
Fedora Core 3 : openssh-3.9p1-8.0.3 (2005-858)
This security update fixes CVE-2005-2798 and resolves a problem with X forwarding binding only on IPv6 address on certain circumstances. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
CVE-2005-2798
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts...
CVE-2005-2798
Technical details about CVE-2005-2798 are not publicly available in the provided connected documents. No product/version specifics, impact details, or fixes are enumerated here. Monitor for official updates from vendors or security advisories.