Detections
Analytics
CVE-2006-5051
high
Description
Signal handler race condition in OpenSSH before 4.4 allows remote attackers to cause a denial of service (crash), and possibly execute arbitrary code if GSSAPI authentication is enabled, via unspecified vectors that lead to a double-free.
References
https://www.tenable.com/blog/how-the-regresshion-vulnerability-could-impact-your-cloud-environment
https://www.praetorian.com/blog/cve-2024-6387-regresshion/
https://thecyberthrone.in/2024/07/01/regresshion-vulnerability-cve-2024-6387/
https://securityaffairs.com/165087/security/openssh-server-critical-flaw.html
https://www.theregister.com/2024/07/01/regresshion_openssh/
https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/29254
http://www.us-cert.gov/cas/techalerts/TA07-072A.html
http://www.openwall.com/lists/oss-security/2024/07/01/3
http://www.openbsd.org/errata.html#ssh
http://www.mandriva.com/security/advisories?name=MDKSA-2006:179
http://www.kb.cert.org/vuls/id/851340
http://www.debian.org/security/2006/dsa-1189
http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
http://security.gentoo.org/glsa/glsa-200611-06.xml
http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc
http://openssh.org/txt/release-4.4
http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html
http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html