CVE-2006-5794

critical

Description

Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11840

https://issues.rpath.com/browse/RPL-766

https://exchange.xforce.ibmcloud.com/vulnerabilities/30120

http://www.vupen.com/english/advisories/2006/4400

http://www.vupen.com/english/advisories/2006/4399

http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html

http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html

http://www.securityfocus.com/bid/20956

http://www.securityfocus.com/archive/1/451100/100/0/threaded

http://www.openssh.org/txt/release-4.5

http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.032-openssh.html

http://www.novell.com/linux/security/advisories/2006_26_sr.html

http://www.mandriva.com/security/advisories?name=MDKSA-2006:204

http://support.avaya.com/elmodocs2/security/ASA-2007-048.htm

http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227

http://sourceforge.net/project/shownotes.php?release_id=461854&group_id=69227

http://securitytracker.com/id?1017183

http://secunia.com/advisories/24055

http://secunia.com/advisories/23680

http://secunia.com/advisories/23513

http://secunia.com/advisories/22932

http://secunia.com/advisories/22872

http://secunia.com/advisories/22814

http://secunia.com/advisories/22778

http://secunia.com/advisories/22773

http://secunia.com/advisories/22772

http://secunia.com/advisories/22771

http://rhn.redhat.com/errata/RHSA-2006-0738.html

Details

Source: Mitre, NVD

Published: 2006-11-08

Updated: 2018-10-17

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical