CVE-2006-5051: Race Condition
First published: Wed Sep 27 2006(Updated: )
OpenSSH 4.4 was released and mentions: * Fix an unsafe signal hander reported by Mark Dowd. The signal handler was vulnerable to a race condition that could be exploited to perform a pre-authentication denial of service. On portable OpenSSH, this vulnerability could theoretically lead to pre-authentication remote code execution if GSSAPI authentication is enabled, but the likelihood of successful exploitation appears remote. This could only affect RHEL4 as previous RHEL did not support GSSAPI
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/RHSA-2006 | <0697 | 0697 |
| OpenSSH | =3.8 | |
| OpenSSH | =3.8.1p1 | |
| OpenSSH | =3.2.2 | |
| OpenSSH | =3.1 | |
| OpenSSH | =3.0.2p1 | |
| OpenSSH | =3.8.1 | |
| OpenSSH | =2.1.1 | |
| OpenSSH | =3.7.1p2 | |
| OpenSSH | =3.2.3p1 | |
| OpenSSH | =3.1p1 | |
| OpenSSH | =2.5.1 | |
| OpenSSH | =2.9.9p2 | |
| OpenSSH | =3.6.1p2 | |
| OpenSSH | =3.9 | |
| OpenSSH | =3.0 | |
| OpenSSH | =1.2.1 | |
| OpenSSH | =2.2 | |
| OpenSSH | =3.2 | |
| OpenSSH | =3.6 | |
| OpenSSH | =1.2.3 | |
| OpenSSH | =3.7 | |
| OpenSSH | =4.0p1 | |
| OpenSSH | =3.5p1 | |
| OpenSSH | =3.0.1p1 | |
| OpenSSH | =3.7.1p1 | |
| OpenSSH | =2.1 | |
| OpenSSH | =1.2 | |
| OpenSSH | =3.3 | |
| OpenSSH | =3.2.2p1 | |
| OpenSSH | =3.9.1p1 | |
| OpenSSH | =3.0.2 | |
| OpenSSH | =3.4p1 | |
| OpenSSH | =3.6.1p1 | |
| OpenSSH | =3.0.1 | |
| OpenSSH | =2.9.9 | |
| OpenSSH | =3.6.1 | |
| OpenSSH | =4.1p1 | |
| OpenSSH | =1.2.2 | |
| OpenSSH | =4.2p1 | |
| OpenSSH | =2.9p1 | |
| OpenSSH | =2.9 | |
| OpenSSH | =3.7.1 | |
| OpenSSH | =1.2.27 | |
| OpenSSH | =4.2 | |
| OpenSSH | =2.5.2 | |
| OpenSSH | =2.3 | |
| OpenSSH | =3.4 | |
| OpenSSH | =4.3p1 | |
| OpenSSH | =3.5 | |
| OpenSSH | =2.5 | |
| OpenSSH | =3.0p1 | |
| OpenSSH | =3.3p1 | |
| OpenSSH | =4.3 | |
| OpenSSH | =4.0 | |
| OpenSSH | =3.9.1 | |
| OpenSSH | =2.9p2 | |
| OpenSSH | <=4.4 | |
| Debian | =3.1 | |
| Apple iOS and macOS | <10.3.9 | |
| Apple iOS and macOS | >=10.4<=10.4.8 | |
| Apple macOS Server | <10.3.9 | |
| Apple macOS Server | >=10.4<=10.4.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.redhat.com/support/errata/RHSA-2006-0698.html
- http://www.redhat.com/support/errata/RHSA-2006-0697.html
- http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.592566
- http://www.ubuntu.com/usn/usn-355-1
- http://www.securityfocus.com/bid/20241
- http://securitytracker.com/id?1016940
- http://secunia.com/advisories/22158
- http://secunia.com/advisories/22173
- http://secunia.com/advisories/22183
- http://secunia.com/advisories/22196
- http://secunia.com/advisories/22236
- http://lists.freebsd.org/pipermail/freebsd-security/2006-October/004051.html
- http://www.debian.org/security/2006/dsa-1189
- http://security.freebsd.org/advisories/FreeBSD-SA-06%3A22.openssh.asc
- http://www.kb.cert.org/vuls/id/851340
- http://secunia.com/advisories/22270
- http://secunia.com/advisories/22208
- http://secunia.com/advisories/22245
- http://www.arkoon.fr/upload/alertes/36AK-2006-07-FR-1.0_FAST360_OPENSSH.pdf
- http://www.openbsd.org/errata.html#ssh
- http://secunia.com/advisories/22352
- http://support.avaya.com/elmodocs2/security/ASA-2006-216.htm
- http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.022-openssh.html
- http://secunia.com/advisories/22362
- http://www.novell.com/linux/security/advisories/2006_62_openssh.html
- http://secunia.com/advisories/22495
- http://www.arkoon.fr/upload/alertes/43AK-2006-09-FR-1.0_SSL360_OPENSSH.pdf
- http://secunia.com/advisories/22487
- http://security.gentoo.org/glsa/glsa-200611-06.xml
- http://secunia.com/advisories/22823
- http://www.debian.org/security/2006/dsa-1212
- http://secunia.com/advisories/22926
- http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
- http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
- http://secunia.com/advisories/23680
- http://docs.info.apple.com/article.html?artnum=305214
- http://secunia.com/advisories/24479
- http://www-unix.globus.org/mail_archive/security-announce/2007/04/msg00000.html
- http://secunia.com/advisories/24805
- http://openssh.org/txt/release-4.4
- http://www.osvdb.org/29264
- http://sourceforge.net/forum/forum.php?forum_id=681763
- http://lists.apple.com/archives/security-announce/2007/Mar/msg00002.html
- http://www.mandriva.com/security/advisories?name=MDKSA-2006:179
- http://www.us-cert.gov/cas/techalerts/TA07-072A.html
- http://secunia.com/advisories/24799
- http://www.vupen.com/english/advisories/2007/0930
- http://www.vupen.com/english/advisories/2007/1332
- http://www.vupen.com/english/advisories/2006/4329
- http://www.vupen.com/english/advisories/2006/4018
- http://marc.info/?l=openssh-unix-dev&m=115939141729160&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29254
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11387
- https://www.bleepingcomputer.com/news/security/new-regresshion-openssh-rce-bug-gives-root-on-linux-servers/
- https://www.theregister.com/2024/07/01/regresshion_openssh/
- https://www.zdnet.com/article/over-14m-servers-may-be-vulnerable-to-opensshs-regresshion-rce-flaw-heres-what-you-need-to-do/
- http://rhn.redhat.com/errata/RHSA-2006-0697.html
- https://bugzilla.redhat.com/show_bug.cgi?id=208347
- http://www.openwall.com/lists/oss-security/2024/07/01/3
- http://www.openwall.com/lists/oss-security/2024/07/28/3
- https://www.openwall.com/lists/oss-security/2024/07/28/3
Frequently Asked Questions
What is the severity of CVE-2006-5051?
CVE-2006-5051 is classified as a medium severity vulnerability due to its potential for a pre-authentication denial of service.
How do I fix CVE-2006-5051?
To mitigate CVE-2006-5051, update OpenSSH to a version beyond 4.4, which contains the necessary patches.
What versions of OpenSSH are affected by CVE-2006-5051?
Affected versions include OpenSSH 4.4 and earlier, along with various earlier versions from the 3.x series and below.
Can CVE-2006-5051 lead to an actual exploit?
Yes, it can be exploited to create a denial of service condition, affecting the availability of the affected systems.
Is CVE-2006-5051 specific to any operating system?
CVE-2006-5051 impacts multiple operating systems that use vulnerable versions of OpenSSH, including Red Hat, Debian, and macOS.
- agent/type
- collector/bleeping-computer
- source/BleepingComputer
- alias/CVE-2024-6387
- alias/CVE-2006-5051
- alias/CVE-2008-4109
- collector/the-register
- source/The Register
- collector/zdnet-article
- source/ZDNet
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- agent/software-canonical-lookup
- agent/severity
- agent/description
- agent/first-publish-date
- agent/references
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/trending
- agent/source
- agent/weakness
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- package-manager/redhat
- vendor/openbsd
- canonical/openssh
- version/openssh/3.8
- version/openssh/3.8.1p1
- version/openssh/3.2.2
- version/openssh/3.1
- version/openssh/3.0.2p1
- version/openssh/3.8.1
- version/openssh/2.1.1
- version/openssh/3.7.1p2
- version/openssh/3.2.3p1
- version/openssh/3.1p1
- version/openssh/2.5.1
- version/openssh/2.9.9p2
- version/openssh/3.6.1p2
- version/openssh/3.9
- version/openssh/3.0
- version/openssh/1.2.1
- version/openssh/2.2
- version/openssh/3.2
- version/openssh/3.6
- version/openssh/1.2.3
- version/openssh/3.7
- version/openssh/4.0p1
- version/openssh/3.5p1
- version/openssh/3.0.1p1
- version/openssh/3.7.1p1
- version/openssh/2.1
- version/openssh/1.2
- version/openssh/3.3
- version/openssh/3.2.2p1
- version/openssh/3.9.1p1
- version/openssh/3.0.2
- version/openssh/3.4p1
- version/openssh/3.6.1p1
- version/openssh/3.0.1
- version/openssh/2.9.9
- version/openssh/3.6.1
- version/openssh/4.1p1
- version/openssh/1.2.2
- version/openssh/4.2p1
- version/openssh/2.9p1
- version/openssh/2.9
- version/openssh/3.7.1
- version/openssh/1.2.27
- version/openssh/4.2
- version/openssh/2.5.2
- version/openssh/2.3
- version/openssh/3.4
- version/openssh/4.3p1
- version/openssh/3.5
- version/openssh/2.5
- version/openssh/3.0p1
- version/openssh/3.3p1
- version/openssh/4.3
- version/openssh/4.0
- version/openssh/3.9.1
- version/openssh/2.9p2
- version/openssh/4.4
- vendor/debian
- canonical/debian
- version/debian/3.1
- vendor/apple
- canonical/apple ios and macos
- version/apple ios and macos/10.4
- version/apple ios and macos/10.4.8
- canonical/apple macos server
- version/apple macos server/10.4
- version/apple macos server/10.4.8