CVE-2011-5000

low
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.

References

http://rhn.redhat.com/errata/RHSA-2012-0884.html

http://seclists.org/fulldisclosure/2011/Aug/2

http://site.pi3.com.pl/adv/ssh_1.txt

Details

Source: MITRE

Published: 2012-04-05

Updated: 2012-07-22

Type: CWE-189

Risk Information

CVSS v2

Base Score: 3.5

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 6.8

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openbsd:openssh:1.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.2.27:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.3:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.5:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.5.7:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:1.5.8:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.2.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.7.1p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.0:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.2p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.3:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.3p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.3p2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.4:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.4p1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.5:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.6:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.7:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.8:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:4.9:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.0:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.3:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:* versions up to 5.8 (inclusive)

Tenable Plugins

View all (10 total)

IDNameProductFamilySeverity
701162OpenSSH < 5.9 Multiple DoSNessus Network MonitorSSH
medium
73958GLSA-201405-06 : OpenSSH: Multiple vulnerabilitiesNessusGentoo Local Security Checks
medium
69706Amazon Linux AMI : openssh (ALAS-2012-99)NessusAmazon Linux Local Security Checks
low
68558Oracle Linux 6 : openssh (ELSA-2012-0884)NessusOracle Linux Local Security Checks
low
64211SuSE 11.1 Security Update : openssh (SAT Patch Number 6672)NessusSuSE Local Security Checks
low
61695SuSE 10 Security Update : openssh (ZYPP Patch Number 8248)NessusSuSE Local Security Checks
low
61345Scientific Linux Security Update : openssh on SL6.x i386/x86_64 (20120620)NessusScientific Linux Local Security Checks
low
59929CentOS 6 : openssh (CESA-2012:0884)NessusCentOS Local Security Checks
low
59594RHEL 6 : openssh (RHSA-2012:0884)NessusRed Hat Local Security Checks
low
17703OpenSSH < 5.9 Multiple DoSNessusDenial of Service
medium