8 matches found
K14434: OpenSSH vulnerability CVE-2006-5794
Security Advisory Description Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker authentication verification, which might allow attackers to bypass authentication. As of 2006-11-08, it is believed that this issue is only exploitable by leveragin...
NewStart CGSL CORE 5.04 / MAIN 5.04 : openssh Multiple Vulnerabilities (NS-SA-2019-0036)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssh packages installed that are affected by multiple vulnerabilities: - scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded...
Oracle Linux 3 / 4 : openssh (ELSA-2006-0738)
From Red Hat Security Advisory 2006:0738 : Updated openssh packages that fix an authentication flaw are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having low security impact by the Red Hat Security Response Team. OpenSSH is OpenBSD's SSH Secure SHell protoco...
SunSSH < 1.1.1 / 1.3 CBC Plaintext Disclosure
The version of SunSSH running on the remote host has an information disclosure vulnerability. A design flaw in the SSH specification could allow a man-in-the-middle attacker to recover up to 32 bits of plaintext from an SSH-protected connection in the standard configuration. An attacker could...
SLES9: Security update for OpenSSH
The remote host is missing updates to packages that affect the security of your system. One or more of the following packages are affected: openssh openssh-askpass For more information, please visit the referenced security advisories. More details may also be found by searching for keyword 500966...
openSUSE 10 Security Update : openssh (openssh-2256)
The OpenSSH release 4.5 contains a security fix which has been backported to the openssh versions in our old products. CVE-2006-5794: Incorrect return argument checking in the privilege separation monitor was fixed. In case of an exploitable unprivileged helper this could have been used to elevat...
Low openssh security update
3.9p1-8.RHEL4.17.1 - CVE-2006-5794 properly detect failed key verify in monitor 21640...
CVE-2006-5794
The CVE-2006-5794 entry refers to an unspecified vulnerability in the sshd Privilege Separation Monitor of OpenSSH up to version 4.4/4.5 that weakens authentication verification and could allow bypass of authentication. As stated, exploitation is believed to require leveraging vulnerabilities in ...