CVE-2006-4925
https://notcve.org/view.php?id=CVE-2006-4925
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of service (crash) by sending an invalid protocol sequence with USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL. packet.c en ssh en OpenSSH permite a atacantes remotos provocar una denegación de servicio (caída) mediante el envío de una secuencia de protocolo inválida con USERAUTH_SUCCESS antes de NEWKEYS, lo que provoca que newkeys[mode] sea nulo (NULL). • http://bugs.gentoo.org/show_bug.cgi?id=148228 http://secunia.com/advisories/22245 http://secunia.com/advisories/22298 http://secunia.com/advisories/22495 http://secunia.com/advisories/23038 http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 http://www.novell.com/linux/security/advisories/2006_24_sr.html http://www.novell.com/linux/security/advisories/2006_62_openssh.html http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/packet.c.diff?r1=1.144&r2=1& •
CVE-2006-5051 – unsafe GSSAPI signal handler
https://notcve.org/view.php?id=CVE-2006-5051
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. Condición de carrera en el manejador de señal OpenSSH en versiones anteriores a 4.4 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario si la autenticación GSSAPI está habilitada, a través de vectores no especificados que conducen a una doble liberación. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 http://openssh.org/txt/release-4.4 http://secunia.com/advisories& • CWE-415: Double Free •
CVE-2006-5052 – Kerberos information leak
https://notcve.org/view.php?id=CVE-2006-5052
Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort." Vulnerabilidad no especificada en OpenSSH portable anterior a 4.4, cuando funciona sobre algunas plataformas permite a un atacante remoto determinan la validación de los nombres de usuario a través de vectores desconocidos afectando a GSSAPI "aborto de validacion." • http://docs.info.apple.com/article.html?artnum=305214 http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 http://openssh.org/txt/release-4.4 http://rhn.redhat.com/errata/RHSA-2006-0697.html http://secunia.com/advisories/22158 http://secunia.com/advisories/22173 http://secunia.com/advisories/22495 http://secunia.com/advisories/22823 http://secunia.com/advisories/24479 http://secunia.com& •
CVE-2006-4924 – OpenSSH 4.3 p1 - Duplicated Block Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-4924
sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. sshd en OpenSSH en versiones anteriores a 4.4, cuando se utiliza la versión 1 del protocolo SSH, permite a atacantes remotos provocar una denegación de servicio (consumo de CPU) a través de un paquete SSH que contiene bloques duplicados, los cuales no se manejan correctamente por el detector de ataque de compensación CRC. • https://www.exploit-db.com/exploits/2444 ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc ftp://ftp.sco.com/pub/unixware7/714/security/p534336/p534336.txt ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc http://blogs.sun.com/security/entry/sun_alert_102962_security_vulnerability http://bugs.gentoo.org/show_bug.cgi?id=148228 http://docs.info.apple.com/article.html?artnum=305214 http://itrc.hp.com/service/cki/docDisplay • CWE-399: Resource Management Errors •
CVE-2006-0883
https://notcve.org/view.php?id=CVE-2006-0883
OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting. • ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:09.openssh.asc http://bugzilla.mindrot.org/show_bug.cgi?id=839 http://securityreason.com/securityalert/520 http://securitytracker.com/id?1015706 http://www.osvdb.org/23797 http://www.securityfocus.com/bid/16892 http://www.vupen.com/english/advisories/2006/0805 https://exchange.xforce.ibmcloud.com/vulnerabilities/25116 • CWE-399: Resource Management Errors •