Openbsd : Security Vulnerabilities, CVEs, Published In September 2005
sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts.
Max CVSS
5.0
EPSS Score
1.36%
Published
2005-09-06
Updated
2018-10-19
OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality.
Max CVSS
5.0
EPSS Score
0.93%
Published
2005-09-06
Updated
2016-12-08
2 vulnerabilities found