SecurityLex.Org
  Home My IP SecCon Glossary Vulnerability Tests Sans/FBI Top 20 Top 10 Ipfilter Recent Vulnerabilities Today's news Web Host Check 

VulnTests
SecureScout Testcase
eEye Retina RTH
Nessus Plugin ID
nCircle Sans CVE's
Dragonsoft Vuln ID
CVE Entries
Search CVSS vectors 
CVSS Base score between    and
Access Vector Confidentiality Impact
Access Complexity Integrity Impact
Authentification Availability Impact
Impact Bias

Your search for "CVE-2006-5794" returned:
CVE Entries: CVE-2006-5794Name: CVE-2006-5794
CVE References: cve.mitre.org, nvd.nist.gov
SANS/FBI TOP20 Reference:
Risk: HighCVSS Base Score: 7.5 (ver.2.0 upgrade from v1.0)
Access Vector: NetworkAccess Complexity: LowAuthentication: Not required
Confidentiality Impact: PartialIntegrity Impact: PartialAvailability Impact: PartialImpact Bias: N/A
Security vendors coverage:

Nessus Plugin ID: 23683  24051  24050  24589  24926  27366  29539  37366 
Description: Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.
Vulnerable Versions:

Product: openssh Vendor: openbsd

Versions:
4.4    Previous versions are also affected.
References:

BID: http://www.securityfocus.com/bid/20956

VUPEN: http://www.frsirt.com/english/advisories/2006/4399

SECUNIA: http://secunia.com/advisories/22773

SECUNIA: http://secunia.com/advisories/22771

CONFIRM: http://www.openssh.org/txt/release-4.5

CONFIRM: http://sourceforge.net/project/shownotes.php?release_id=461854&group_id=69227

OVAL: http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11840

CONFIRM: https://issues.rpath.com/browse/RPL-766

XF: http://xforce.iss.net/xforce/xfdb/30120

CONFIRM: http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html

CONFIRM: http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html

BUGTRAQ: http://www.securityfocus.com/archive/1/archive/1/451100/100/0/threaded

OPENPKG: http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.032-openssh.html

SUSE: http://www.novell.com/linux/security/advisories/2006_26_sr.html

MANDRIVA: http://www.mandriva.com/security/advisories?name=MDKSA-2006:204

VUPEN: http://www.frsirt.com/english/advisories/2006/4400

CONFIRM: http://support.avaya.com/elmodocs2/security/ASA-2007-048.htm

CONFIRM: http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227

SECTRACK: http://securitytracker.com/id?1017183

SECUNIA: http://secunia.com/advisories/24055

SECUNIA: http://secunia.com/advisories/23680

SECUNIA: http://secunia.com/advisories/23513

SECUNIA: http://secunia.com/advisories/22932

SECUNIA: http://secunia.com/advisories/22872

SECUNIA: http://secunia.com/advisories/22814

SECUNIA: http://secunia.com/advisories/22778

SECUNIA: http://secunia.com/advisories/22772

REDHAT: http://rhn.redhat.com/errata/RHSA-2006-0738.html

MANDRIVA: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2006:204

SGI: ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc
Created: 2006-11-08 00:00:00Last Changed: 2010-08-21 00:00:00
 
 The Complete Lexicon to Security