Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
None
Privileges Required
None
Attack Vector
Network
0

CVE-2006-5051

Disclosure Date: September 27, 2006
CVE-2006-5051 CVSS v3 Base Score: 8.1
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
8.1 High
Impact Score:
5.9
Exploitability Score:
2.2
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector (AV):
Network
Attack Complexity (AC):
High
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
Unknown
Reporter
Unknown

Vendors

  • apple,
  • debian,
  • openbsd

Products

  • debian linux 3.1,
  • mac os x,
  • mac os x server,
  • openssh

References

Canonical
CVE-2006-5051 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5051)
BID-20241 (http://www.securityfocus.com/bid/20241)
Advisory
http://sourceforge.net/forum/forum.php?forum_id=681763
SECUNIA-22270 (http://secunia.com/advisories/22270)
http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf
USN-355-1 (http://www.ubuntu.com/usn/usn-355-1)
[freebsd-security] 20061002 FreeBSD Security Advisory FreeBSD-SA-06:22.openssh (http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html)
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387
http://openssh.org/txt/release-4.4
SECUNIA-24805 (http://secunia.com/advisories/24805)
VU#851340 (http://www.kb.cert.org/vuls/id/851340)
SECUNIA-22487 (http://secunia.com/advisories/22487)
TA07-072A (http://www.us-cert.gov/cas/techalerts/TA07-072A.html)
http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf
GLSA-200611-06 (http://security.gentoo.org/glsa/glsa-200611-06.xml)
http://www.novell.com/linux/security/advisories/2006_62_openssh.html
SECUNIA-22362 (http://secunia.com/advisories/22362)
SECUNIA-23680 (http://secunia.com/advisories/23680)
APPLE-SA-2007-03-13 (http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html)
http://docs.info.apple.com/article.html?artnum=305214
SECUNIA-22352 (http://secunia.com/advisories/22352)
ADV-2006-4329 (http://www.vupen.com/english/advisories/2006/4329)
SECUNIA-22236 (http://secunia.com/advisories/22236)
SECUNIA-24799 (http://secunia.com/advisories/24799)
ADV-2006-4018 (http://www.vupen.com/english/advisories/2006/4018)
SECUNIA-22495 (http://secunia.com/advisories/22495)
XF-openssh-signal-handler-race-condition(29254) (https://exchange.xforce.ibmcloud.com/vulnerabilities/29254)
ADV-2007-1332 (http://www.vupen.com/english/advisories/2007/1332)
OSVDB-29264 (http://www.osvdb.org/29264)
SECUNIA-22823 (http://secunia.com/advisories/22823)
http://www.redhat.com/support/errata/RHSA-2006-0697.html
SECUNIA-22183 (http://secunia.com/advisories/22183)
[openssh-unix-dev] 20060927 Announce: OpenSSH 4.4 released (http://marc.info?l=openssh-unix-dev&m=115939141729160&w=2)
ADV-2007-0930 (http://www.vupen.com/english/advisories/2007/0930)
[security-announce] 20070409 Globus Security Advisory 2007-02: GSI-OpenSSH vulnerability (http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html)
SECUNIA-22926 (http://secunia.com/advisories/22926)
SECUNIA-22173 (http://secunia.com/advisories/22173)
SECTRACK-1016940 (http://securitytracker.com/id?1016940)
SECUNIA-22208 (http://secunia.com/advisories/22208)
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
SECUNIA-22245 (http://secunia.com/advisories/22245)
SECUNIA-22196 (http://secunia.com/advisories/22196)
DSA-1212 (http://www.debian.org/security/2006/dsa-1212)
http://www.redhat.com/support/errata/RHSA-2006-0698.html
SECUNIA-22158 (http://secunia.com/advisories/22158)
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179
DSA-1189 (http://www.debian.org/security/2006/dsa-1189)
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
SECUNIA-24479 (http://secunia.com/advisories/24479)
Miscellaneous
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc
[2.9] 015: SECURITY FIX: October 12, 2006 (http://www.openbsd.org/errata.html#ssh)
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566
OpenPKG-SA-2006.022 (http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html)

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis