4 matches found
sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service (resource consumption from excessive authentication attempts) because MaxAuthTries was mishandled for GSSAPIAuthentication.
...
CVE-2026-60000
CVE-2026-60000 affects OpenSSH sshd prior to 10.4. The vulnerability arises from mishandling MaxAuthTries for GSSAPIAuthentication, enabling a remote attacker to cause denial of service via resource exhaustion from excessive authentication attempts. Impact is a server-wide DoS (availability loss)...
Ubuntu 4.10 / 5.04 : openssh vulnerability (USN-209-1)
An information disclosure vulnerability has been found in the SSH server. When the GSSAPIAuthentication option was enabled, the SSH server could send GSSAPI credentials even to users who attempted to log in with a method other than GSSAPI. This could inadvertently expose these credentials to an...
USN-209-1: SSH server vulnerability
An information disclosure vulnerability has been found in the SSH server. When the GSSAPIAuthentication option was enabled, the SSH server could send GSSAPI credentials even to users who attempted to log in with a method other than GSSAPI. This could inadvertently expose these credentials to an...