VDB
CVE-2005-2798
CVE-2005-2798
PUBLISHED
CVSS 5 MEDIUM
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
EPSS 3.02% · 86.9th percentile
Risk Scores
CVSS 2.0
5
EPSS Score
3.02%
86.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| openbsd | openssh | 3.5, 3.0, 3.0.1 |
| n/a | n/a | * |
Exploit Intelligence
- RHSA-2005:527 (circl)
- hpux-secure-shell-dos(24064) (circl)
- SCOSA-2005.53 (circl)
- 18507 (circl)
- HPSBUX02090 (circl)
- SUSE-SR:2006:003 (circl)
- 19141 (circl)
- 18406 (circl)
- 14729 (circl)
- oval:org.mitre.oval:def:9717 (circl)
…and 15 more exploits
Timeline
- Sep 6, 2005 CVE Published
- Feb 4, 2022 EPSS Score
- Mar 29, 2022 EPSS Score
- Jul 12, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Oct 26, 2022 EPSS Score
- Feb 9, 2023 EPSS Score
- Mar 7, 2023 EPSS Score
- Apr 3, 2023 EPSS Score
- Jul 17, 2023 EPSS Score
- Sep 8, 2023 EPSS Score
- Oct 30, 2023 EPSS Score
References
- RHSA-2005:527 vendor-advisory
- hpux-secure-shell-dos(24064) vdb
- SCOSA-2005.53 vendor-advisory
- 18507 third-party-advisory
- HPSBUX02090 vendor-advisory
- SUSE-SR:2006:003 vendor-advisory
- 19141 vdb
- 18406 third-party-advisory
- 14729 vdb
- oval:org.mitre.oval:def:9717 vdb
- 18717 third-party-advisory
- 17077 third-party-advisory
- ADV-2006-0144 vdb
- oval:org.mitre.oval:def:1566 vdb
- oval:org.mitre.oval:def:1345 vdb
- http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm url
- 17245 third-party-advisory
- 18661 third-party-advisory
- 18010 third-party-advisory
- [openssh-unix-announce] 20050901 Announce: OpenSSH 4.2 released mailing-list
…and 7 more