7 matches found
SOL15484 - OpenSSH vulnerability CVE-2006-4925
Recommended action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
SLES9: Security update for OpenSSH
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: openssh openssh-askpass For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 501950...
SuSE 10 Security Update : OpenSSH (ZYPP Patch Number 2184)
Several security problems were fixed in OpenSSH : - A denial of service problem has been fixed in OpenSSH which could be used to cause lots of CPU consumption on a remote openssh server. CVE-2006-4924 - If a remote attacker is able to inject network traffic this could be used to cause a client...
openSUSE 10 Security Update : openssh (openssh-2183)
Several security problems were fixed in OpenSSH : - CVE-2006-4924: A denial of service problem has been fixed in OpenSSH which could be used to cause lots of CPU consumption on a remote openssh server. - CVE-2006-4925: If a remote attacker is able to inject network traffic this could be used to...
CVE-2006-4925
CVE-2006-4925 affects OpenSSH: packet.c vulnerability allows a remote attacker to crash the SSH server by sending an invalid USERAUTH_SUCCESS sequence before NEWKEYS, resulting in newkeys[mode] being NULL. Documented impact is DoS; remediation is to update OpenSSH to a fixed version, but the exac...
CVE-2006-4925
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service crash by sending an invalid protocol sequence with USERAUTHSUCCESS before NEWKEYS, which causes newkeysmode to be NULL...