CVE-2006-0883
Published Mar 7, 2006
Last updated 7 years ago
Overview
- Description
- OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
- Source
- secteam@freebsd.org
- NVD status
- Modified
Social media
- Hype score
- Not currently trending
Risk scores
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:N/I:N/A:P
Weaknesses
- nvd@nist.gov
- CWE-399
Vendor comments
- Red HatThis issue did not affect the versions of OpenSSH as distributed with Red Hat Enterprise Linux 2.1, 3, or 4.
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C35F4ABE-1B0C-4195-8F99-BF993A17882B"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "D8A80E6A-6502-4A33-83BA-7DCC606D79AA"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0D6428EB-5E1A-41CB-979C-4C9402251D8B"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "2DCA9879-C9F5-475A-8EC9-04D151001C8D"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0A94132F-4C47-49CC-B03C-8756613E9A38"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "46A60ED5-1D92-4B40-956F-D1801CAB9039"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3F629879-66F0-427B-86D8-D740E0E3F6E8"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "C89129C5-A1DB-4018-B43A-C60C8E650080"
},
{
"criteria": "cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "60F7B4A9-4036-4061-8F3D-BDC3F1282EC0"
}
],
"operator": "OR"
}
]
}
]