mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
301 lines
11 KiB
JSON
301 lines
11 KiB
JSON
{
|
|
"id": "CVE-2005-2798",
|
|
"sourceIdentifier": "secalert@redhat.com",
|
|
"published": "2005-09-06T17:03:00.000",
|
|
"lastModified": "2018-10-19T15:33:38.900",
|
|
"vulnStatus": "Modified",
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts."
|
|
}
|
|
],
|
|
"vendorComments": [
|
|
{
|
|
"organization": "Red Hat",
|
|
"comment": "This issue does not affect Red Hat Enterprise Linux 2.1 and 3.\n\nThis flaw was fixed in Red Hat Enterprise Linux 4 via errata RHSA-2005:527:\nhttp://rhn.redhat.com/errata/RHSA-2005-527.html",
|
|
"lastModified": "2006-11-20T00:00:00"
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "NONE",
|
|
"availabilityImpact": "NONE",
|
|
"baseScore": 5.0
|
|
},
|
|
"baseSeverity": "MEDIUM",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 2.9,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "NVD-CWE-Other"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "580008AC-2667-4708-8F7E-D70416A460EE"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "E05D8E86-EC01-4589-B372-4DEB7845C81F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.1p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "764AD252-CA2F-4A87-BCAA-7747E8C410E0"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "CFFAA075-4277-4FD8-8A5A-867EEE1BA2F4"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.0.2p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "269BB9F7-55E5-4CB3-8429-C37C7132799F"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.0p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C6E6F639-31A0-4026-B6D4-51BA79FB1D20"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0211BCE3-0DED-40BA-8A21-1A97B91F71C7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.1p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "B4EE9E4B-CABC-4EA2-9075-CC23CEB1B0A3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5AD7BB30-AC79-4153-852C-1053DCF4DE53"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.2.2p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9E188C66-C8F1-4C13-AAFF-7C83B2A884B8"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.2.3p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "9039BE91-AF0A-41E7-8F9F-15375890E120"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.3:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "08BCB2EA-DF9D-4853-805B-29FA6274E2B7"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.3p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0F93417F-2498-4576-9F5D-B59F77D39669"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.4:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AF3AB42C-B614-4746-99AD-E94140D91BF3"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.4p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "458167E5-9BC2-40BE-AC8A-9761A4F19494"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.5:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "3FB9B4C7-4235-4388-8E5D-E72ECCC37A7E"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.5p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "86ACA0ED-A3D0-48A7-B06F-13709AD23B55"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.6:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "0FEB9262-D05E-4610-9C79-3EDE44AC7C0B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.6.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "8176879B-1875-4AC9-B15A-2ABCFCD04F88"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.6.1p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "FAA26A12-F96A-4025-BBCA-72B7A3B1E60C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.6.1p2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "A02751E9-2D38-4495-9572-8D84D71D4773"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.7:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "7A36BEA2-DAE4-423C-8D85-0F6036351F98"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.7.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "80DC64F6-FE28-44BA-91D1-EC2DB11B2CFC"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.7.1p2:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "44CCF5CD-B434-4392-A79A-C1945D2AE30A"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.8:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AEB456B8-9D8B-4985-858D-6A43FA5EE2E9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.8.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "2BD4E0F6-4EEA-4EC7-83E7-FC6F7D2E7A3C"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "C35F4ABE-1B0C-4195-8F99-BF993A17882B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.9:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "ADC7352D-2916-47F7-A256-F897D763DC9B"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.9.1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "AEC3FC36-B246-4DCB-8984-228525D9A356"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:3.9.1p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "BC861000-37D8-4B0F-BFA0-57E9BE125B56"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:4.0p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "5EBE75FE-DDE2-43BA-80EF-15A6698EABC9"
|
|
},
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:openbsd:openssh:4.1p1:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "683B26F0-5EA2-455A-8948-27C100BBA3AC"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "ftp://ftp.sco.com/pub/updates/UnixWare/SCOSA-2005.53/SCOSA-2005.53.txt",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://lists.suse.com/archive/suse-security-announce/2006-Feb/0001.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://secunia.com/advisories/18661",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://securitytracker.com/id?1014845",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-016.htm",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://support.avaya.com/elmodocs2/security/ASA-2006-033.htm",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mandriva.com/security/advisories?name=MDKSA-2005:172",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.mindrot.org/pipermail/openssh-unix-announce/2005-September/000083.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.redhat.com/support/errata/RHSA-2005-527.html",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/archive/1/421411/100/0/threaded",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.securityfocus.com/bid/14729",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "http://www.vupen.com/english/advisories/2006/0144",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24064",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1345",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1566",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9717",
|
|
"source": "secalert@redhat.com"
|
|
},
|
|
{
|
|
"url": "https://usn.ubuntu.com/209-1/",
|
|
"source": "secalert@redhat.com"
|
|
}
|
|
]
|
|
} |