CVE-2005-2798

Advisory lineage Upstream: 0 Downstream: 2

Downstream

DEBIAN-CVE-2005-2798 RHSA-2005:527

Modified

Published: 06 Sept 2005, 04:00

Last modified:07 Aug 2024, 22:45

Vulnerability Summary

Overall Risk (default)

low

21/100

CVSS Score

5 MEDIUM

v2.0 (nvd)

EPSS Score

3.02% LOW

3% probability +0.32%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Sept 2005, 04:00

Published

Vulnerability first disclosed

07 Aug 2024, 22:45

Last Modified

Vulnerability information updated

Description

sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.

CVSS Metrics

v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 3.02%• Percentile: 87%

Affected Systems

openbsd•openssh
3.0 | 3.0.1 | 3.0.1p1 | 3.0.2 | 3.0.2p1 | 3.0p1 | 3.1 | 3.1p1 | 3.2 | 3.2.2p1 | 3.2.3p1 | 3.3 | 3.3p1 | 3.4 | 3.4p1 | 3.5 | 3.5p1 | 3.6 | 3.6.1 | 3.6.1p1 | 3.6.1p2 | 3.7 | 3.7.1 | 3.7.1p2 | 3.8 | 3.8.1 | 3.8.1p1 | 3.9 | 3.9.1 | 3.9.1p1 | 4.0p1 | 4.1p1