// For flags

CVE-2006-5051

unsafe GSSAPI signal handler

Severity Score

8.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

Condición de carrera en el manejador de señal OpenSSH en versiones anteriores a 4.4 permite a atacantes remotos provocar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario si la autenticación GSSAPI está habilitada, a través de vectores no especificados que conducen a una doble liberación.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2006-09-27 CVE Reserved
  • 2006-09-27 CVE Published
  • 2024-07-29 EPSS Updated
  • 2024-08-07 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-415: Double Free
CAPEC
References (60)
URL Tag Source
http://docs.info.apple.com/article.html?artnum=305214 Broken Link
http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html Mailing List
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2 Mailing List
http://openssh.org/txt/release-4.4 Release Notes
http://secunia.com/advisories/22495 Broken Link
http://securitytracker.com/id?1016940 Broken Link
http://sourceforge.net/forum/forum.php?forum_id=681763 Broken Link
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm Third Party Advisory
http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html Broken Link
http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf Broken Link
http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf Broken Link
http://www.kb.cert.org/vuls/id/851340 Third Party Advisory
http://www.openwall.com/lists/oss-security/2024/07/01/3 Mailing List
http://www.osvdb.org/29264 Broken Link
http://www.securityfocus.com/bid/20241 Broken Link
http://www.us-cert.gov/cas/techalerts/TA07-072A.html Third Party Advisory
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html Broken Link
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html Broken Link
http://www.vupen.com/english/advisories/2006/4018 Broken Link
http://www.vupen.com/english/advisories/2006/4329 Broken Link
http://www.vupen.com/english/advisories/2007/0930 Broken Link
http://www.vupen.com/english/advisories/2007/1332 Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/29254 Third Party Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387 Broken Link
http://www.openwall.com/lists/oss-security/2024/07/28/3 Mailing List
https://www.openwall.com/lists/oss-security/2024/07/28/3
URL Date SRC
URL Date SRC
URL Date SRC
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:22.openssh.asc 2024-07-01
ftp://patches.sgi.com/support/free/security/advisories/20061001-01-P.asc 2024-07-01
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html 2024-07-01
http://secunia.com/advisories/22158 2024-07-01
http://secunia.com/advisories/22173 2024-07-01
http://secunia.com/advisories/22183 2024-07-01
http://secunia.com/advisories/22196 2024-07-01
http://secunia.com/advisories/22208 2024-07-01
http://secunia.com/advisories/22236 2024-07-01
http://secunia.com/advisories/22245 2024-07-01
http://secunia.com/advisories/22270 2024-07-01
http://secunia.com/advisories/22352 2024-07-01
http://secunia.com/advisories/22362 2024-07-01
http://secunia.com/advisories/22487 2024-07-01
http://secunia.com/advisories/22823 2024-07-01
http://secunia.com/advisories/22926 2024-07-01
http://secunia.com/advisories/23680 2024-07-01
http://secunia.com/advisories/24479 2024-07-01
http://secunia.com/advisories/24799 2024-07-01
http://secunia.com/advisories/24805 2024-07-01
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc 2024-07-01
http://security.gentoo.org/glsa/glsa-200611-06.xml 2024-07-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566 2024-07-01
http://www.debian.org/security/2006/dsa-1189 2024-07-01
http://www.debian.org/security/2006/dsa-1212 2024-07-01
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179 2024-07-01
http://www.novell.com/linux/security/advisories/2006_62_openssh.html 2024-07-01
http://www.openbsd.org/errata.html#ssh 2024-07-01
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html 2024-07-01
http://www.redhat.com/support/errata/RHSA-2006-0697.html 2024-07-01
http://www.redhat.com/support/errata/RHSA-2006-0698.html 2024-07-01
http://www.ubuntu.com/usn/usn-355-1 2024-07-01
https://access.redhat.com/security/cve/CVE-2006-5051 2006-09-29
https://bugzilla.redhat.com/show_bug.cgi?id=208347 2006-09-29
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openbsd
Search vendor "Openbsd"
Openssh
Search vendor "Openbsd" for product "Openssh"
<= 4.4
Search vendor "Openbsd" for product "Openssh" and version " <= 4.4"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
3.1
Search vendor "Debian" for product "Debian Linux" and version "3.1"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
< 10.3.9
Search vendor "Apple" for product "Mac Os X" and version " < 10.3.9"
-
Affected
Apple
Search vendor "Apple"
Mac Os X
Search vendor "Apple" for product "Mac Os X"
>= 10.4 <= 10.4.8
Search vendor "Apple" for product "Mac Os X" and version " >= 10.4 <= 10.4.8"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
< 10.3.9
Search vendor "Apple" for product "Mac Os X Server" and version " < 10.3.9"
-
Affected
Apple
Search vendor "Apple"
Mac Os X Server
Search vendor "Apple" for product "Mac Os X Server"
>= 10.4 <= 10.4.8
Search vendor "Apple" for product "Mac Os X Server" and version " >= 10.4 <= 10.4.8"
-
Affected