Search for vulnerabilities
Vulnerability details: VCID-grdw-6j7y-aaak
Vulnerability ID VCID-grdw-6j7y-aaak
Aliases CVE-2006-5794
Summary Unspecified vulnerability in the sshd Privilege Separation Monitor in OpenSSH before 4.5 causes weaker verification that authentication has been successful, which might allow attackers to bypass authentication. NOTE: as of 20061108, it is believed that this issue is only exploitable by leveraging vulnerabilities in the unprivileged process, which are not known to exist.
Status Published
Exploitability 0.5
Weighted Severity 6.8
Risk 3.4
Affected and Fixed Packages Package Details
Weaknesses (0)
There are no known CWE.
System Score Found at
rhas Low https://access.redhat.com/errata/RHSA-2006:0738
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.01832 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02326 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02630 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02630 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02630 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.02630 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03126 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03126 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03680 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
epss 0.03741 https://api.first.org/data/v1/epss?cve=CVE-2006-5794
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=214641
cvssv2 7.5 https://nvd.nist.gov/vuln/detail/CVE-2006-5794
Reference id Reference type URL
ftp://patches.sgi.com/support/free/security/advisories/20061201-01-P.asc
http://rhn.redhat.com/errata/RHSA-2006-0738.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-5794.json
https://api.first.org/data/v1/epss?cve=CVE-2006-5794
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5794
http://secunia.com/advisories/22771
http://secunia.com/advisories/22772
http://secunia.com/advisories/22773
http://secunia.com/advisories/22778
http://secunia.com/advisories/22814
http://secunia.com/advisories/22872
http://secunia.com/advisories/22932
http://secunia.com/advisories/23513
http://secunia.com/advisories/23680
http://secunia.com/advisories/24055
http://securitytracker.com/id?1017183
https://exchange.xforce.ibmcloud.com/vulnerabilities/30120
https://issues.rpath.com/browse/RPL-766
http://sourceforge.net/project/shownotes.php?release_id=461854&group_id=69227
http://sourceforge.net/project/shownotes.php?release_id=461863&group_id=69227
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11840
http://support.avaya.com/elmodocs2/security/ASA-2007-048.htm
http://www.mandriva.com/security/advisories?name=MDKSA-2006:204
http://www.novell.com/linux/security/advisories/2006_26_sr.html
http://www.openpkg.org/security/advisories/OpenPKG-SA-2006.032-openssh.html
http://www.openssh.org/txt/release-4.5
http://www.securityfocus.com/archive/1/451100/100/0/threaded
http://www.securityfocus.com/bid/20956
http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html
http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html
http://www.vupen.com/english/advisories/2006/4399
http://www.vupen.com/english/advisories/2006/4400
214641 https://bugzilla.redhat.com/show_bug.cgi?id=214641
cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:*:*:*:*:*:*:*:*
CVE-2006-5794 https://nvd.nist.gov/vuln/detail/CVE-2006-5794
RHSA-2006:0738 https://access.redhat.com/errata/RHSA-2006:0738
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2006-5794
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.81319
EPSS Score 0.01832
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.