Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Openssh Security Vulnerabilities - 2006

cve
cve

CVE-2006-0225

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.

9.2AI Score

0.001EPSS

2006-01-25 11:03 AM
115
cve
cve

CVE-2006-0883

OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the p...

6.6AI Score

0.045EPSS

2006-03-07 02:02 AM
57
cve
cve

CVE-2006-4924

sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector.

7.7AI Score

0.933EPSS

2006-09-27 01:07 AM
1328
cve
cve

CVE-2006-4925

packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.

7.6AI Score

0.062EPSS

2006-09-29 12:07 AM
59
cve
cve

CVE-2006-5051

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

8.1CVSS

8.4AI Score

0.929EPSS

2006-09-27 11:07 PM
3980
cve
cve

CVE-2006-5052

Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."

7.7AI Score

0.022EPSS

2006-09-27 11:07 PM
444
cve
cve

CVE-2006-5229

OpenSSH portable 4.1 on SUSE Linux, and possibly other platforms and versions, and possibly under limited configurations, allows remote attackers to determine valid usernames via timing discrepancies in which responses take longer for valid usernames than invalid ones, as demonstrated by sshtime. N...

6.6AI Score

0.01EPSS

2006-10-10 11:07 PM
47
cve
cve

CVE-2006-5794

Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging v...

8.7AI Score

0.037EPSS

2006-11-08 08:07 PM
172
In Wild