Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-suwa-7cxc-3ug8
Summary
Aliases
0
alias CVE-2006-5229
Fixed_packages
Affected_packages
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5229.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5229.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2006-5229
reference_id
reference_type
scores
0
value 0.56627
scoring_system epss
scoring_elements 0.98165
published_at 2026-06-11T12:55:00Z
1
value 0.56627
scoring_system epss
scoring_elements 0.98172
published_at 2026-06-13T12:55:00Z
2
value 0.56627
scoring_system epss
scoring_elements 0.98173
published_at 2026-06-14T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2006-5229
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Weaknesses
Exploits
0
date_added null
description 
This module uses a malformed packet or timing attack to enumerate users on
          an OpenSSH server.

          The default action sends a malformed (corrupted) SSH_MSG_USERAUTH_REQUEST
          packet using public key authentication (must be enabled) to enumerate users.

          On some versions of OpenSSH under some configurations, OpenSSH will return a
          "permission denied" error for an invalid user faster than for a valid user,
          creating an opportunity for a timing attack to enumerate users.

          Testing note: invalid users were logged, while valid users were not. YMMV.
required_action null
due_date null
notes 
Stability:
  - crash-service-down
Reliability: []
SideEffects:
  - ioc-in-logs
  - account-lockouts
known_ransomware_campaign_use false
source_date_published null
exploit_type null
platform
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/scanner/ssh/ssh_enumusers.rb
1
date_added 2007-02-12
description Portable OpenSSH 3.6.1p-PAM/4.1-SuSE - Timing Attack
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2007-02-13
exploit_type remote
platform multiple
source_date_updated 2016-09-27
data_source Exploit-DB
source_url
Severity_range_score5.3 - 5.3
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-suwa-7cxc-3ug8