1. Home
  2. Vulnerabilities
  3. CVE-2006-5051

CVE-2006-5051

CVSS v3.1 8.1 (High)
81% Progress
CVSS v2.0 9.3 (High)
93% Progress
EPSS 92.88 % (99th)
92.88% Progress
Affected Products 4
Advisories 9
NVD Status Modified
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.

Weaknesses
CWE-415
Double Free
Related CVEs
CVE Status
PUBLISHED
NVD Status
Modified
CNA
Red Hat, Inc.
Published Date
2006-09-27 23:07:00
(18 years ago)
Updated Date
2024-07-29 01:15:09
(7 weeks ago)

Affected Products

Apple

Debian

Openbsd

Configuration #1

    CPE23 From Up To
  Openbsd Openssh 4.4 and prior versions cpe:2.3:a:openbsd:openssh <= 4.4

Configuration #2

    CPE23 From Up To
  Debian Linux 3.1 cpe:2.3:o:debian:debian_linux:3.1

Configuration #3

    CPE23 From Up To
  Apple Mac Os X prior 10.3.9 version cpe:2.3:o:apple:mac_os_x < 10.3.9
  Apple Mac Os X from 10.4 version and 10.4.8 and prior versions cpe:2.3:o:apple:mac_os_x >= 10.4 <= 10.4.8
  Apple Mac Os X Server prior 10.3.9 version cpe:2.3:o:apple:mac_os_x_server < 10.3.9
  Apple Mac Os X Server from 10.4 version and 10.4.8 and prior versions cpe:2.3:o:apple:mac_os_x_server >= 10.4 <= 10.4.8