Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-2797

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2005-2797
Last Modified 05 Sep 2008 04:52:43
Published 06 Sep 2005 01:03:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-2797

Summary

OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.

Vulnerable Systems

Application

  • Openbsd Openssh 4.0


References

MLIST - [openssh-unix-announce] 20050901 Announce: OpenSSH 4.2 released

SECUNIA - 16686

BID - 14727

SECUNIA - 19243

SECUNIA - 18010

OPENPKG - OpenPKG-SA-2005.019

SCO - SCOSA-2005.53

SCO - SCOSA-2006.11

OSVDB - 19142

SECUNIA - 18661

SECTRACK - 1014845


Last Updated: 27 May 2016 10:40:38