Title : Redhat Security Update Fixes OpenSSH Security Bypass Issues VUPEN ID : VUPEN/ADV-2005-1961 CVE ID : CVE-2005-2798 CWE ID : CWE-
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-10-05
Technical Description
Redhat has released updated packages to correct two vulnerabilities identified in OpenSSH. The first issue is due to an error introduced in OpenSSH 4.0, which could cause "GatewayPorts" to be incorrectly activated for dynamic port forwarding when no listen address is explicitly specified. The second issue occurs when a user has GSSAPI authentication configured and "GSSAPIDelegateCredentials" is enabled, which could cause Kerberos credentials to be exposed to remote hosts. For additional information, see : VUPEN/ADV-2005-1624
