New Search

Leaking GSSAPI Credentials Vulnerability (B.11.23)

oval:org.mitre.oval:def:1345

sshd in OpenSSH before 4.2 when GSSAPIDelegateCredentials is enabled allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods which could cause those credentials to be exposed to untrusted users or hosts.

Family:
unix
Status:
ACCEPTED
Platform(s):
  • HP-UX 11
Class:
vulnerability
Reference(s):
  • CVE-2005-2798
Product(s):
  • SecureShell