CVE Vulnerabilities

CVE-2011-5000

Published: Apr 05, 2012 | Modified: Jul 22, 2012
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
3.5 LOW
AV:N/AC:M/Au:S/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

Affected Software

Name Vendor Start Version End Version
Openssh Openbsd 5.4 5.4
Openssh Openbsd 3.8 3.8
Openssh Openbsd 3.8.1p1 3.8.1p1
Openssh Openbsd 4.3p2 4.3p2
Openssh Openbsd 3.2.2 3.2.2
Openssh Openbsd 3.1 3.1
Openssh Openbsd 5.5 5.5
Openssh Openbsd 3.0.2p1 3.0.2p1
Openssh Openbsd 1.5.8 1.5.8
Openssh Openbsd 5.3 5.3
Openssh Openbsd 4.1 4.1
Openssh Openbsd 3.8.1 3.8.1
Openssh Openbsd 3.7.1p2 3.7.1p2
Openssh Openbsd 4.8 4.8
Openssh Openbsd 4.9 4.9
Openssh Openbsd 3.2.3p1 3.2.3p1
Openssh Openbsd 3.1p1 3.1p1
Openssh Openbsd 3.6.1p2 3.6.1p2
Openssh Openbsd 3.9 3.9
Openssh Openbsd 3.0 3.0
Openssh Openbsd 1.2.1 1.2.1
Openssh Openbsd 3.2 3.2
Openssh Openbsd 3.6 3.6
Openssh Openbsd 4.7 4.7
Openssh Openbsd 1.5.7 1.5.7
Openssh Openbsd 1.2.3 1.2.3
Openssh Openbsd 3.7 3.7
Openssh Openbsd * 5.8
Openssh Openbsd 4.0p1 4.0p1
Openssh Openbsd 3.5p1 3.5p1
Openssh Openbsd 3.0.1p1 3.0.1p1
Openssh Openbsd 4.4 4.4
Openssh Openbsd 3.7.1p1 3.7.1p1
Openssh Openbsd 1.2 1.2
Openssh Openbsd 5.2 5.2
Openssh Openbsd 3.3 3.3
Openssh Openbsd 3.2.2p1 3.2.2p1
Openssh Openbsd 3.9.1p1 3.9.1p1
Openssh Openbsd 3.0.2 3.0.2
Openssh Openbsd 3.4p1 3.4p1
Openssh Openbsd 3.6.1p1 3.6.1p1
Openssh Openbsd 3.0.1 3.0.1
Openssh Openbsd 3.6.1 3.6.1
Openssh Openbsd 4.1p1 4.1p1
Openssh Openbsd 5.7 5.7
Openssh Openbsd 1.2.2 1.2.2
Openssh Openbsd 4.2p1 4.2p1
Openssh Openbsd 4.5 4.5
Openssh Openbsd 3.7.1 3.7.1
Openssh Openbsd 1.2.27 1.2.27
Openssh Openbsd 4.2 4.2
Openssh Openbsd 3.4 3.4
Openssh Openbsd 4.4p1 4.4p1
Openssh Openbsd 4.3p1 4.3p1
Openssh Openbsd 3.5 3.5
Openssh Openbsd 5.1 5.1
Openssh Openbsd 3.0p1 3.0p1
Openssh Openbsd 3.3p1 3.3p1
Openssh Openbsd 5.6 5.6
Openssh Openbsd 4.3 4.3
Openssh Openbsd 4.0 4.0
Openssh Openbsd 3.9.1 3.9.1
Openssh Openbsd 5.0 5.0
Openssh Openbsd 1.3 1.3
Openssh Openbsd 1.5 1.5
Openssh Openbsd 4.6 4.6

References