CVE-2011-5000

Updated: 2024-11-23 05:51:59.76047

Description:

The ssh_gssapi_parse_ename function in gss-serv.c in OpenSSH 5.8 and earlier, when gssapi-with-mic authentication is enabled, allows remote authenticated users to cause a denial of service (memory consumption) via a large value in a certain length field. NOTE: there may be limited scenarios in which this issue is relevant.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x LOW 3.5
CVSS Version 3.x 0

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

CentOS 6 ELS openssh 5.3p1 0.0 Not Vulnerable 2022-04-26 04:03:30