Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2011-5000

Опубликовано: 05 апр. 2012
Источник: nvd
CVSS2: 3.5
EPSS Низкий

Описание

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
Версия до 5.8 (включая)
cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*
cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*

EPSS

Процентиль: 71%
0.00698
Низкий

3.5 Low

CVSS2

Дефекты

CWE-189

Связанные уязвимости

ubuntu логотип

CVE-2011-5000

ubuntu
больше 13 лет назад

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

redhat логотип

CVE-2011-5000

redhat
больше 14 лет назад

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

debian логотип

CVE-2011-5000

debian
больше 13 лет назад

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and e ...

github логотип

GHSA-wq52-9gh8-cwrp

github
больше 3 лет назад

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

oracle-oval логотип

ELSA-2012-0884

oracle-oval
больше 13 лет назад

ELSA-2012-0884: openssh security, bug fix, and enhancement update (LOW)

EPSS

Процентиль: 71%
0.00698
Низкий

3.5 Low

CVSS2

Дефекты

CWE-189
Уязвимость CVE-2011-5000