Back to search
CVE-2005-2798
Published: Sep 6, 2005
Modified: Aug 7, 2024
PUBLISHED
Description
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2005:527
vendor-advisory
x_refsource_REDHAT
hpux-secure-shell-dos(24064)
vdb-entry
x_refsource_XF
18507
third-party-advisory
x_refsource_SECUNIA
HPSBUX02090
vendor-advisory
x_refsource_HP
SUSE-SR:2006:003
vendor-advisory
x_refsource_SUSE
19141
vdb-entry
x_refsource_OSVDB
SSRT051058
vendor-advisory
x_refsource_HP
18406
third-party-advisory
x_refsource_SECUNIA
14729
vdb-entry
x_refsource_BID
oval:org.mitre.oval:def:9717
vdb-entry
signature
x_refsource_OVAL
18717
third-party-advisory
x_refsource_SECUNIA
17077
third-party-advisory
x_refsource_SECUNIA
ADV-2006-0144
vdb-entry
x_refsource_VUPEN
oval:org.mitre.oval:def:1566
vdb-entry
signature
x_refsource_OVAL
oval:org.mitre.oval:def:1345
vdb-entry
signature
x_refsource_OVAL
http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm
x_refsource_CONFIRM
17245
third-party-advisory
x_refsource_SECUNIA
18661
third-party-advisory
x_refsource_SECUNIA
18010
third-party-advisory
x_refsource_SECUNIA
[openssh-unix-announce] 20050901 Announce: OpenSSH 4.2 released
mailing-list
x_refsource_MLIST
MDKSA-2005:172
vendor-advisory
x_refsource_MANDRIVA
http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm
x_refsource_CONFIRM
1014845
vdb-entry
x_refsource_SECTRACK
USN-209-1
vendor-advisory
x_refsource_UBUNTU
16686
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now