CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.1%
CentOS Errata and Security Advisory CESA-2006:0698-01
OpenSSH is OpenBSDβs SSH (Secure SHell) protocol implementation. This
package includes the core files necessary for both the OpenSSH client and
server.
Mark Dowd discovered a signal handler race condition in the OpenSSH sshd
server. A remote attacker could possibly leverage this flaw to cause a
denial of service (crash). (CVE-2006-5051) The OpenSSH project believes the
likelihood of successful exploitation leading to arbitrary code execution
appears remote. However, the Red Hat Security Response Team have not yet
been able to verify this claim due to lack of upstream vulnerability
information. We are therefore including a fix for this flaw and have rated
it important security severity in the event our continued investigation
finds this issue to be exploitable.
Tavis Ormandy of the Google Security Team discovered a denial of service
bug in the OpenSSH sshd server. A remote attacker can send a specially
crafted SSH-1 request to the server causing sshd to consume a large
quantity of CPU resources. (CVE-2006-4924)
An arbitrary command execution flaw was discovered in the way scp copies
files locally. It is possible for a local attacker to create a file with a
carefully crafted name that could execute arbitrary commands as the user
running scp to copy files locally. (CVE-2006-0225)
The SSH daemon, when restricting host access by numeric IP addresses and
with VerifyReverseMapping disabled, allows remote attackers to bypass
βfrom=β and βuser@hostβ address restrictions by connecting to a host from a
system whose reverse DNS hostname contains the numeric IP address.
(CVE-2003-0386)
All users of openssh should upgrade to these updated packages, which
contain backported patches that resolve these issues.
Merged security bulletin from advisories:
https://lists.centos.org/pipermail/centos-announce/2006-October/075472.html
Affected packages:
openssh
openssh-askpass
openssh-askpass-gnome
openssh-clients
openssh-server
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
CentOS | 2 | i386 | openssh | <Β 3.1p1-21 | openssh-3.1p1-21.i386.rpm |
CentOS | 2 | i386 | openssh-askpass | <Β 3.1p1-21 | openssh-askpass-3.1p1-21.i386.rpm |
CentOS | 2 | i386 | openssh-askpass-gnome | <Β 3.1p1-21 | openssh-askpass-gnome-3.1p1-21.i386.rpm |
CentOS | 2 | i386 | openssh-clients | <Β 3.1p1-21 | openssh-clients-3.1p1-21.i386.rpm |
CentOS | 2 | i386 | openssh-server | <Β 3.1p1-21 | openssh-server-3.1p1-21.i386.rpm |
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.1%