Vulnerabilities > Openbsd > Openssh > 3.7.1p1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-09-27 | CVE-2006-5052 | Unspecified vulnerability in Openbsd Openssh Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort." | 5.0 |
2006-09-27 | CVE-2006-5051 | Double Free vulnerability in multiple products Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free. | 8.1 |
2006-09-27 | CVE-2006-4924 | Resource Management Errors vulnerability in Openbsd Openssh sshd in OpenSSH before 4.4, when using the version 1 SSH protocol, allows remote attackers to cause a denial of service (CPU consumption) via an SSH packet that contains duplicate blocks, which is not properly handled by the CRC compensation attack detector. | 7.8 |
2004-08-31 | CVE-2004-1653 | Remote Security vulnerability in OpenSSH The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS. | 6.4 |
2003-11-17 | CVE-2003-0787 | Unspecified vulnerability in Openbsd Openssh 3.7.1/3.7.1P1 The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges. | 7.5 |
2003-11-17 | CVE-2003-0786 | Unspecified vulnerability in Openbsd Openssh 3.7.1/3.7.1P1 The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges. | 10.0 |