National Cyber-Alert System
Vulnerability Summary: CVE-2006-5052
Orirignal release date: 2006-09-27
Source: US-CERT/NIST

Overview

    Unspecified vulnerability in portable OpenSSH before 4.4, when running on some platforms, allows remote attackers to determine the validity of usernames via unknown vectors involving a GSSAPI "authentication abort."

Impact

    CVSS Severity: 2.3 (Low)
    Range: remote
    Authentication:
    Impact Type: conf

Reference to Advisories, Solutions, and Tools

Vulnerable Software and Vendor

    OpenSSH (OpenBSD)

Technical Details

CVE Standard Vulnerability Entry: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5052