Vulnerabilities > Openbsd > Openssh > 2.9p2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-09-27 | CVE-2006-5052 | Unspecified vulnerability in Openbsd Openssh Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort." | 5.0 |
| 2006-09-27 | CVE-2006-5051 | Double Free vulnerability in multiple products Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | 8.1 |
| 2006-09-27 | CVE-2006-4924 | Resource Management Errors vulnerability in Openbsd Openssh sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. | 7.8 |
| 2004-08-31 | CVE-2004-1653 | Remote Security vulnerability in OpenSSH The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS. | 6.4 |
| 2003-10-06 | CVE-2003-0695 | Unspecified vulnerability in Openbsd Openssh Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. | 7.5 |
| 2003-10-06 | CVE-2003-0682 | Remote Security vulnerability in OpenSSH "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695. | 7.5 |
| 2003-09-22 | CVE-2003-0693 | Unspecified vulnerability in Openbsd Openssh A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. | 10.0 |
| 2002-07-03 | CVE-2002-0640 | Buffer Overflow vulnerability in OpenSSH Challenge-Response Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authentication (PAMAuthenticationViaKbdInt). | 10.0 |
| 2002-07-03 | CVE-2002-0639 | Integer Overflow or Wraparound vulnerability in Openbsd Openssh Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication. | 9.8 |
| 2002-06-18 | CVE-2002-0575 | Buffer Overflow vulnerability in OpenSSH Kerberos 4 TGT/AFS Token Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges. | 7.5 |