Search for vulnerabilities
Vulnerability details: VCID-vd4w-azhc-aaad
Vulnerability ID VCID-vd4w-azhc-aaad
Aliases CVE-2006-0883
Summary OpenSSH on FreeBSD 5.3 and 5.4, when used with OpenPAM, does not properly handle when a forked child process terminates during PAM authentication, which allows remote attackers to cause a denial of service (client connection refusal) by connecting multiple times to the SSH server, waiting for the password prompt, then disconnecting.
Status Published
Exploitability 0.5
Weighted Severity 4.5
Risk 2.2
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-399 Resource Management Errors
System Score Found at
epss 0.01901 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01901 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.01974 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.02364 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04336 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04336 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04336 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04336 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
epss 0.04500 https://api.first.org/data/v1/epss?cve=CVE-2006-0883
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2006-0883
Reference id Reference type URL
ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-06:09.openssh.asc
http://bugzilla.mindrot.org/show_bug.cgi?id=839
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2006-0883.json
https://api.first.org/data/v1/epss?cve=CVE-2006-0883
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0883
http://securityreason.com/securityalert/520
http://securitytracker.com/id?1015706
https://exchange.xforce.ibmcloud.com/vulnerabilities/25116
http://www.osvdb.org/23797
http://www.securityfocus.com/bid/16892
http://www.vupen.com/english/advisories/2006/0805
cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:3.8.1p1:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.3:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.3:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.3:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.3:stable:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.4:pre-release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.4:release:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.4:releng:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:freebsd:freebsd:5.4:stable:*:*:*:*:*:*
CVE-2006-0883 https://nvd.nist.gov/vuln/detail/CVE-2006-0883
No exploits are available.
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2006-0883
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Exploit Prediction Scoring System (EPSS)
Percentile 0.81629
EPSS Score 0.01901
Published At March 28, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
There are no relevant records.